If a user tries to share a file, the server fetches the policies for it and the keys needed to decrypt it. The system stores symmetric keys per data element, so certain paragraphs could have different policies from the rest of a document. The keys are not stored on end user devices; the devices need to be granted access to them. For offline use, the key would be encrypted and stored on the device for a defined time period.
The app has a shim between the application opening the file and the operating system to enforce policies. If the application opening the file tries to access print-screen, for example, but the policy forbids it, the Vera app intercepts the call.
On the receiving end, users authenticate via Google Authentication, get the decryption key from the server and decrypt in their browsers. For users without clients, the server can decrypt the document and render it to the browser.
The company was founded in January 2014 with $4 million in seed money from Battery Ventures, which invested $10 million more in November of that year. The company has 35 employees, 10 in Bangalore and the rest at company headquarters in Palo Alto, Calif.
Sign up for CIO Asia eNewsletters.