F.A.Q.

Basics

What is a Circle?

A Circle is a set of devices and users that have access to a set of files. Files, Users, and Devices can be added or removed from the Circle at any time.

Are files always encrypted?

Yes, with SecureCircle files are always protected at rest, in transport and during use. Files are never in a decrypted state.

Are files always trackable?

Yes. Once files are protected by SecureCircle they are always trackable. No matter where files are stored, access logs are generated giving details on the IP address of the endpoint accessing the file, the application accessing the file, whether access was successful or failed, time of access and much more.

Are only certain file types supported?
No. SecureCircle can protect all file types and is independent of file extension.

Encryption

How are files encrypted?
SecureCircle uses TLS and Open SSL AES-256 encryption and session-layer uses TLS over SSL applying 2048 bit keys. Strong AES-256 file encryption applies a unique key per file.
Is there any impact on performance?
Yes and minimal. There is a 53 byte overhead when processing files with SecureCircle in addition to AES decryption; however, on most modern endpoints (Intel i3), this overhead has no perceived impact to users.
Have you witnessed or seen any downstream effects with encryption?
No, our solution is completely transparent to end users and only if users are violating policies will they be aware something has changed.
What type of authentication models do you support?
SecureCircle supports device and user-based authentication. However, authentication can be centered around data classification types and not organizational units.

Depth of Protection

Can you protect Malware from infecting protected files?
Yes, once a file is in a SecureCircle only controlled allowed applications can update secured files. Since a virus is not in the allowed list, it will not be able to modify the secured file.
Can I prevent certain applications from accessing protected files?
Yes. SecureCircle allows you to grant certain applications into the “Allowed” list so these applications are the only applications that can access the content of the protected files. Applications not in the “Allowed” list cannot decrypt secured data
Can I secure files from a software application that produces sensitive data?
Yes, we have contextual agents you can deploy at known egress points from any application. For example, these agents can be easily configured to protect data based on any combination of parameters such as: process name, time, location, endpoint type, size of file, location of endpoint, etc. If the created file matches the security criteria, then it will be automatically entered into a SecureCircle.
Can protected files be searched and indexed?
Yes. As long as the search and indexing application is in the “Allowed” list of applications.

End-User Transparency

Does the file extension change?
No. The file extension never changes. Files that are protected by SecureCircle are exactly the same as before they were protected; in fact, protected files are hash identical to the original file.
Is there any change with user files?
No. There is no change to the user experience.
What type of data ingest do you support?
SecureCircle’s Adaptive Source Protection can protect data base on context, content, user-based classification, server side scripting, and manual user ingestion. These method seamless apply to user workflows without having the user alter their work behavior.

Compatibility

Can I use my Apple and Android devices to access protected files?
Yes. You will need to install the SecureCircle iOS application; once installed, you can open protected files on your phone or tablet. Android will be supported early Q2.
Can I use Activity directory to manage file access?
Yes. SecureCircle integrates with Active Directory so you can manage user access to files using Active Directory Group Membership, regardless where the file is stored.
Does SecureCircle support Virtual Desktop Infrastructure (VDI) including Citrix?
Yes, SecureCircle has been deployed in many complex VDI environments including Citrix. Our solution integrates with Microsoft Active Directory or LDAP based directory services as well as works over SMB/CIFS/DFS connections so home folders can be remotely mounted and folder redirection enabled.
Do applications need to be modified in order to access protected files?
No they do not. Any application can work with SecureCircle without modification. Applications interface with protected files through the operating system API ; therefore, access to the file never changes.
Can I still use Dropbox, Box, and Office 365?
Yes, you can still use any file, sync and share utility to collaborate on protected files.
Can you work offline with files?
Yes. Once authentication is verified, you can work with files offline until the access token has expired. The token expiration is configurable.
Can everything run on-premise?
Yes. SecureCircle servers that are responsible for authentication and key management can be on-premise or in the cloud. These services may be deployed as a Docker container or a virtual machine.
Can I use my SIEM?
Yes, SecureCircle generates system log files that can be used by most SIEM products including Splunk, Arcsight and QRadar. These systems can be set up to monitor for unusual file access activity such as successive access denied by the same process; in this case, it might be a virus trying to open a protected file.
Native MacOS support?
Yes, SecureCircle delivers a pure native experience on MacOS. For example, Mac users can still use the Mac Preview utility to open and view any type of file.
Do you support SMB/CIFS?
Yes, protected files can be stored and access over protocols such as SMB, CIFS, AFP, and DFS.