Ionic: on-the-fly ‘zero trust’ text encryption for the most paranoid corporate networks
Tue 14 Apr 2015
Atlanta-based startup Ionic Security today publicly launches its unusual security product – an on-the-fly encryption system that intercepts user keystrokes and saves data fully encrypted, even though the user sees regular text on their own device and software.
The only version of the data which is saved locally is fully encrypted, and unless an attacker is using screen-monitoring or other side-channel attacks, network interception or appropriation of the documents or information will not yield a readable version.
“We deliver them at just the right time and in the right context that your experience isn’t changed,” says Ionic Security founder Adam Ghetti, “No key that unlocks the data lives on your device,”
Ghetti says that the encryption system is already in use at several Fortune 100 companies, and that several “multibillion dollar software companies” are also interested in the technology.
The software performs its real-time encryption by sending encryption keys over the internet, and circumvents the shadow IT concerns of many companies by providing a device-agnostic security approach. The encryption works for documents, emails, and in systems such as Yammer and Salesforce.
The ‘zero trust’ technology encrypts information using AES-256 symmetric cryptography, and provides continuous visibility and analytics. It also discloses the location of the end-user when they begin to access the data. The system can accommodate a BYOD policy as well.
The transparency of use to the end-user is a novel approach, even if one that is not resistant to installed keyloggers or air-gapped keylogging approaches. One drawback is that an internet connection is requisite for viewing encrypted documents.
In February of 2014 Ionic Security secured $25.5mn (£17+mn) in an investment round headed by Google Ventures and Jafco Ventures, with additional capital from individuals such as Ken Levine, Phillip Dunkelberger and Dr. Paul Judge, as well as investors such as Venture Capital and Tech Operators.
