PerfectCloud gives absolute assurance that even if an attacker was to penetrate a server they would never have enough information, even if actively stealing data out of memory, to ever reconstitute a key or steal an online identity. By ensuring decryption and use of credentials exclusively on the client, it renders cloud servers (which are the single point of security failure and highest risk element in any system) immune to any attacks associated with account compromise. In summary beyond the Smart-Key Algorithm offering a high level of security with the right implementation, it also offers cloud based security and identity management a significant forward evolution that is very compelling and worthy of broad use and deeper integration into various web services.



-Daniel Thanos, Fellow of the U.S. National Board of Information Security Examiners.

We Surpass Our Competitors in terms of Data Security and Privacy

PerfectCloud's solutions are founded on a patented security infrastructure that we developed in collaboration with expert scientists in the field of data security & privacy. We take six steps to achieve your uncompromising data security, backed up by several extra layers of confidentiality. "Privacy" is a concept we respect as much as you do. With our security solutions, only you hold the encryption keys to your data. No service providers. No handing your encryption keys over to institutions. Even our team can't access your credentials. What's yours is strictly yours.

The key-management protocol protecting your data was developed together with Ganita Labs of the University of Toronto. Nothing less than scientifically-backed encryption practices. Our key management process is broken down in four parts: Client side encryption, Dynamic key generation, Multi-tiered key generation, and Dynamic key distribution. You have sole control over your encryption keys and they are never stored anywhere. Every piece of your data gets a unique key assigned to it. Keys are broken into multiple parts to hinder unauthorized access. Good luck breaking that!

Our approach to encryption is unbreakable. The encryption key distribution is organized in such a way that our solutions are simply immune to attacks that burn through other encryption products.

You and your data simply can't be tracked in any way. Our architecture is based on a cookie-less, token-less principle. Nothing is ever stored anywhere, so how can anyone track you?

AES 256. ECC. SHA 512. We leverage series of mathematically-proven cryptographic protocols for your utmost safety. While SaaS companies use marketing hype to claim “military grade” or “bank grade” security, we stick to firm actions and superior security. We have your back covered - with cryptography that protects you to the maximum.

 

BENEFITS OF OUR SECURITY

Our Security, developed in a joint-venture with GANITA Lab at the University of Toronto, facilitates a new class of Security, Privacy and Trust for Organizations leveraging the Cloud and Bring-Your-Own-Device (BYOD).

01

NEVER WORRY ABOUT UNAUTHORIZED ACCESS

We block any unauthorized access before any harm can be done to your data through requiring extensive decryption keys. As there is insufficient data on our server to regenerate the key, any wrongdoers will simply be unable to hack into your database. The same applies in the event your device gets stolen or an institution wants to sniff out your information. You needn't worry about malicious attempts at your cloud data.

02

CRAFT YOUR OWN SECURITY POLICIES

You now have the freedom to set extensive security policies for your cloud encrypted data. This policies can be applied to either individual users or groups and even your partners or vendors. Manage your requirements for password complexity or credentials expiration time. Configure session timeouts or the maximum number of failed login attempts. Tinker with the types of authentication you want to allow when it comes to your data. You can have it all.

03

BE IN COMPLIANCE WITH DATA PRIVACY LAWS

As data breaches and security compromise attempts increase, so do various compliance requirements. Failure to meet their postulates can risk the success of your whole business. Our cloud security infrastructure is specifically thought out to ensure your 100% compliance with a wide range of international data privacy laws. Among these are HIPAA, SSAE 16, SOC 1 Type II, SOC 2 Type II, SOC 3 Type III, ISAE 3402, ISO 27001, HITRUST and PCI DSS.

04

ENJOY ACCESS TO OVER 8000 APPS IN OUR LIBRARY

Our security solutions are integrated with close to 8000 applications or websites: a 50% increase on what our competitors can offer. But it's not only about the quantity; the ability to integrate also matters. Our integrations are easy to execute and any application can be deployed in less than 8 hours. Even if an app can't be integrated, our web hooks will take care of that: a pseudo-code will incorporate the app code so you can nevertheless use it for a single sign-on.

05

HAVE MOBILE SECURITY AT YOUR SIDE

Bring your own device (BYOD) is now a part of the everyday office life. We tackle security risks posed by new devices joining your cloud infrastructure through complex, distributed key management. Devices and apps are under your total control: monitored and secured for your guaranteed safety. You now get to receive the BYOD benefits: increased employee productivity and improved communication, without worrying about security vulnerabilities.

SECURITY & PRIVACY CHALLENGES

Cloud-based services are now increasingly being targeted by cyber criminals because one breach can yield account details of millions of users.

Security Breaches are multiplying and attacks are getting more and more sophisticated. Despite using strong encryption, organizations are still being breached causing them severe reputational and financial damage. Many companies are also failing to disclose data security breaches and it is alarming to know that more than half don’t even know that their data has already been compromised.

Data encryption is a crucial part of an organization’s response to security threats and government compliance regulations but not all encryption is equally secure. Most web and cloud services today do not properly encrypt their data. Those that do encrypt data do not have proper key management, with encryption decryption keys almost always residing on the server, making it easy for snoopers to sniff out the confidential information.

With growing security and privacy breaches, more government regulations and compliance requirements have sprung up for all types of institutions holding confidential data, including customer and employee information. Not all businesses understand the requirements and thus fail to be compliant. In addition, data privacy laws differ from country to country. Data stored in the United States, for example, is subject to the US Patriot Act, while data stored in the EU is subject to Directive 95/46/EC . Other countries have similar laws that allow governments to access and review data. Understanding how international data privacy laws affect data stored to the cloud helps you make smart choices about how to manage your data across international lines.

In recent years, the Bring Your Own Device (BYOD) trend has become essential to business, allowing employees to remotely access data from any location, at any time. Mobile devices such as laptops, smartphones and tablets are essential tools for organizational productivity, but they are significantly more vulnerable to attack than desktop computers. With employees bringing their own devices to work, IT has less control over data and the challenge is to ensure that mobile devices do not cause a leak of the organization's sensitive and confidential information. Another big issue of BYOD is when employees share confidential documents and files via insecure cloud storage services using their personal devices.

SmartSignin offers you the ultimate security, privacy and safety for your data. Our patented SmartKey algorithm ensures you are the sole owner of your data. You are the only person who can select your private key or decrypt your personal data. No one else – even the PerfectCloud staff, can access your documents. SmartSignin is founded on a cookie-less, 100% PKI-free architecture. Your private information won't be collected or left unencrypted, ever. To further enhance your security and avoid data compromise, we will log you out and delete your session if you have been idle for more than 20 minutes.

Automated reports ensure your compliance with various forms of regulation. Forget your worries on compliance. With centralized access-tracking and automated periodic reports, you will be prepared for any legislation. This includes HIPAA, Sarbanes-Oxley, and other forms of regulation.

OUR SECURITY INFRASTRUCTURE

Proper security infrastructure starts with reliable cloud hosting. We use Armor : A global leader in terms of highly secure IaaS providers. There's another reason for using Armor services: their extensive infrastructure security matches our thorough smart-key algorithmic security. Working together, both employ a high-end security model devoid of any vulnerabilities or points of possible compromise. Your data is not only secure. It's immune to hacking attempts and leaks.

OUR EXTENSIVE SECURITY MODEL