Cloud Servers Security

Functionality of the solution based on encrypting whole system, not files or folders only, it works through low system kernel operations. Control of encryption for instances provided via Web UI, where user can start, stop or reboot instances, create instances from prepared AMI or convert own running instances to encrypted environment. Web UI have own rules and policy management for the instances activities.

Our product use Linux Unified Key Setup or LUKS with Cipher Block Chaining Encryption. While most disk encryption software implements different and incompatible, undocumented formats, LUKS specifies a platform-independent standard on-disk format for use in various tools. This is not only facilitates compatibility and interoperability amongst different programs, but also assures that they all implement password management in a secure and documented manner.

When using block-layer encryption and computer boots, the computer asks for a password and/or a key file e.g. stored on Keys Server in order to continue booting i.e. loading the operating system. If none or not the correct password provided - nothing happens. The computer simply refuses to continue with booting thus the data stored on the disk cannot be seen — all information stored on the disk is hidden until somebody provides the correct password/key file or both in case of the more paranoid. It is very important that the boot password is complex as if the password is simple then the protection of the block-layer encryption is nullified by simple password. A weak password always trumps strong security methods.

User interface designed to simplify usage of the product to non-trained personal, comparing to other same type service providers our product have minimalistic tabs that control whole encryption and decryption process  with account management.