Too many mobile data security systems rely on built-in device encryption technology and remote wipes to safeguard sensitive business, government, and personal data ... but this approach leaves gaping vulnerabilities.
CommandHub® removes all of these vulnerabilities, and more, through multiple security layers, intrusion protection, and by not storing the encryption key on the device
The patented HubVault™ technology derives both user authentication and the master encryption key from a user entered vault key.
With no component of the encryption key or the user authentication stored (either on the device or anywhere else) the vulnerabilities from tools that can recover such components are eliminated, and the user does not need connectivity to access the data. Thus secure access is provided at all times, together with intrusion protection that eliminates any reliance on remote wipes that can be circumvented by disabling WiFi and mobile connectivity.
In addition to using device-level encryption, HubVault encrypts each file a second time with a unique key to further protect the data from forensic, and other, attacks. When connectivity is available, double-encrypted file transfers provide file syncing and backups without further user input.
HubVault shares all traffic with the mobile device via a double-encrypted tunnel. By way of example, a document being exchanged between an iPhone and an iPad goes through 16 separate encrypt/decrypt steps. And this is all transparent to the user and without any noticeable performance impact.
Additionally, there is the option to protect documents while in use on the mobile device. Files can be opened in an in-memory version of a PDF editor which allows users to safely markup their files without the file being written to the unsecured device cache.
The HubVault technology is seamlessly integrated within CommandHub and is available for Android (Google), iOS (Apple), and Windows (Microsoft) based devices.