Policy-driven Encryption

Data is the currency of IoT applications for both its rightful owners and hackers working to exfiltrate valuable information assets for financial gain, infrastructure disruption or industrial espionage. While IoT data brings unparalleled potential for understanding, adapting and controlling the world around us, it also dramatically expands cyber-vulnerabilities that can result in the loss of intellectual property and privacy while exposing insight into critical infrastructure and industrial control processes.

Data transfer mechanisms utilizing transport based security protocols have been substantially compromised and do not guarantee end-to-end data security. IoT data requires advanced, policy-driven end-to-end security to protect data -- in motion and at rest -- as it moves between devices and applications.

Device Authority’s Policy-driven Encryption solution utilizes our patented dynamic key generation, device-derived key technology and crypto-policy agents to provide “drop-in” application-level crypto that is configurable for specific data payloads and transmissions. 

Dynamic keys ensure that each data payload can be encrypted with one-time-use keys that are not are not shared or stored. Individual data elements can also be encrypted for specific recipients, independently from data transport protocol security. Using Device Authority’s “set and deploy” policies to determine precisely which data needs to be encrypted, our smart agent technology takes care of processing and encrypting the vast quantities of data generated at the device or network edge. This ensures regulatory compliance and the mitigation of risk and data loss.