The e-Capsule™ Private Safe (or e-Capsule™ PS) application addresses the basic problem of protecting and safely managing valuable information, your files and folders, as you need to take them on-the-road and use them across multiple computers.
The work reality of the typical PC user is that of a dynamically evolving state, which cannot be burdened by rigid logistic, operational or procedural barriers. The value of your personal or business data is often too high to limit its use to just one computer or to jeopardize its confidentiality each time you need to travel or to use a different PC.
The solution of encrypting the data saved on a PC’s hard drive or on a removable memory device (such as a USB stick) using a resident and/or installed application might seem the best choice, especially if it claims to seamlessly encrypt all the files when you save them and to seamlessly decrypt them when you access them.
However, at a second thought, this type of approach leaves open a host of security and usability issues. Consider the following:
- There is no protection at all for the mobile user, who needs to access his data working across PC platforms or on the road. Once he leaves the PC on which the encryption application is installed, he’s on his own. No security is provided for the data used on other PCs or on removable storage devices unless it can be accessed using another PC where the same application is installed.
- In order to operate seamlessly, these applications need to integrate tightly with the PC operating system’s environment. What this means in practice is that they inherit all the security weaknesses and vulnerabilities of the Windows operating system, which can be exploited to gain access to the files one is trying to protect.
- This is also true in the case of removable devices (e.g. USB sticks) which are equipped with portable applications or even with crypto-chips which perform what is typically called hardware-level encryption. The fact of the matter is that even such devices after some form of authorization procedure (e.g. entering a PIN or password) disclose the entire data to the PC operating system and make it available to any application using a standard copy/paste instruction. As you probably know, security is usually defined as a chain whose strength lies in its weakest link. How comfortable can you be knowing that the confidentiality of your sensitive information largely depends on the operating system’s flaws and on your ability to timely install security patches?
The e-Capsule™ PS application has been designed to overcome these kind of problems, while maintaining the highest levels of security and usability. The main purpose of e-Capsule™ PS is to give you (the owner of the information) complete control over your sensitive data and to allow you to always manage it with the maximum security.
The e-Capsule™ File System (EFS)
The e-Capsule™ PS application is characterized first of all by the fact that it is fully contained on a USB device, thus requiring no installation and no special drivers. This property is technically called “zero-footprint”, indicating that no trace is left of the session on the PC, either as temporary files or OS registry values. After you have finished your e-Capsule™ session on the host PC, nobody will be able to recover any useful information or data on the session itself.
Secondly, e-Capsule™ PS allows you to store any number of files and folders inside a proprietary file system (called the e-Capsule™ File System or EFS) which implements strong AES-256bit encryption at the file block level (i.e. it encrypts your files at the level of the smallest contiguous set of bits or bytes that forms an identifiable unit of data). What this implies is that the security of the sensitive documents stored on the USB is never handed over to the operating system of the PC even when you browse inside of the EFS, since the data is kept encrypted at all times and its structure is totally meaningless to external processes or applications.
Thirdly, e-Capsule™ PS allows you to manage and access the information content of the files stored in the EFS without the need to release clear data to other external applications. For example, you can read a PDF document, listen to a MP3 music file, view a MPEG movie or even edit a text or RTF file without ever leaving the controlled e-Capsule™ PS application environment. Your sensitive data is therefore kept encrypted at all time and released in clear format only when it is absolutely necessary (e.g. when you need to open and modify a file with the associated external application).
Finally, e-Capsule™ PS is equipped with a set of tools and with an internal application logic which assures that under any operational circumstance you will be the only one to manage and have access to the sensitive data stored in the EFS. This feat is accomplished by allowing a multi-level access to the application and by providing usage monitoring tools, which track all actions done on the files stored in the EFS. By using different access passwords you will be able to access different data stored separately in the EFS. In other words, the e-Capsule™ PS is a complete and portable information management system, designed to keep your sensitive data confidential and always under your control.