ABOUT GALAXKEY
Galaxkey is a data protection product that protects email, documents and any data using access control and an encryption platform. The data can be protected on any device, in any cloud, on any network, or platform.
The Galaxkey platform is flexible and extensible and it offers data protection through access control and enhanced confidentiality whilst maintaining the integrity of the data in transit and when stored. The highest level of availability to authorised users is maintained. Galaxkey provides end-to-end security within an easy to use platform.
Galaxkey believe that everyone has the right to the privacy, confidentiality, integrity and availability of their data. Galaxkey believe in data protection for all, on any device, anywhere and at any time. This is what Galaxkey provides to the data owner, in an easy to use platform.
You can use Galaxkey to protect your data stored on devices as well as when you need to transfer data over any network so that you can ensure that the data is always secure.
You can use Galaxkey to share data securely over any network including over the internet.
You can use Galaxkey to send secure emails, to be sure your emails are not intercepted, accessed or modified by anyone other than the intended recipient.
You can use Galaxkey to verify who has sent the email. When you use Galaxkey you can ensure that the email, sent protected by Galaxkey, definitely came from the user that sent it.
You can use Galaxkey to sign emails and documents digitally and verify the identity of the user that sent the email, out-of-band, in a secure way.
You should use Galaxkey because the Galaxkey lab is always innovating! Please keep checking our website for new innovative solutions.
You should use Galaxkey as we have many features inherent in the software and are happy to discuss these with you. Please contact support@galaxkey.com or take a look at our datasheets for more solutions.
TLS is secure but only in part and with no assurance. It is no longer acceptable in cybersecurity circles as an assured means of securing email. TLS is however best effort. With TLS if the certificate is out of date or invalid it reverts to clear text. Additionally, the end user has no way of knowing how the store-and-forward has worked and whether it was secure or not from end-to-end. The only certain way is through utilising Pre Internet Encryption (PIE) -Thanks Steve G. Galaxkey uses PIE thus the user is assured when they press the secure-and-send Galaxkey button that the data is enveloped in our secure tech and is sent over any network securely and only accessible by the intended recipients.
We know that we have an exceptionally fast algorithm that beats our competitors on all devices!
We know that we have fantastic, unique features that our competitors have not yet thought of!
We know that we have a team of great people working for us and with us. No, seriously-they are a very smart bunch!
HOW GALAXKEY WORKS
No, all Galaxkey secured files can be opened in a web browser. However, when working offline a native application is the only way to decrypt these protected files. Hence, if you are working on a plane or train (for example) and have no internet access you should download the app.
All a user must do is register on the Galaxkey website. Once they have registered they can either use the website to access data, files and emails or they can use the native applications that the Galaxkey team has built for the supported platforms.
When you send an email or share a file, the application indicates who is using Galaxkey. If the user is not using the software, they will be invited to securely collaborate with you. The user will then be guided through the same process (as when you joined) and 30 seconds later they will have an account.
There is a signed-for option in our email application that lets the sender get a notification when the recipient opens the email. If the recipient does not accept the email, the sender will get a rejection and the recipient will not be able to decrypt the email or file.
Yes, you can sign any email and this achieves two things. Firstly, you will know that it came from who you thought it came from (the person that signed the document or email) and secondly, you will know it has not been tampered with or intercepted.
Yes, you can verify the identity and get assurance that the person (that sent you the email) is in fact the person that you thought it was. So, it can help to stop phishing, whaling and spear phishing.
Yes, to verify the identity. Galaxkey uses an out-of-band mechanism to check the identity of the user and also to check if the user is authenticated and whether the user signed for that email. Thus you know that it is that email that the person sent and that they typed in a password to send it. The password is also different from Windows (those are much easier to compromise). You are also able to use fingerprint readers with Galaxkey and any biometric solution that we support.
Yes, we were the first company to use Touch ID for encryption.
Yes, it is very easy to use. My mum does use this software and she is not technical!
From time to time she sends confidential documents or passwords.
We don’t know of any. If we hear of one or find one, we will work endlessly to fix it. We have not found one yet.
Thank you, we have been building this platform for over ten years.
SUPPORTED PLATFORMS
The team at Galaxkey work hard to support all platforms. We have over 60 developers working persistently to make sure that you get the best support on the following platforms:
• Windows 2000, XP, Vista, 7, 8, 8.1 and 10
• Android
• Apple iOS
• Apple Mac
• Blackberry
• Samsung Knox
• Chrome
• IE
• Microsoft Titan
• Firefox
• Safari
• Tesla Linux OS variant
• IoT (platforms, Various)
• Aerospace platforms (Various)
• Satellite platforms (Various)
• Healthcare platforms (Various)
• And many more, we aim to support everything we can develop on,
You can download our Native Applications from https://manager.galaxkey.com/Downloads
CLOUD PROTECTION
When you send an email, by its very nature, it goes to the cloud and traverses many servers. That’s why we built Galaxkey -so that you can easily secure the email or file whist its being transmitted.
Galaxkey assures all customers that unencrypted data is never sent to the cloud when using Galaxkey products.
ARCHITECTURE
Galaxkey is extremely flexible. We support: on premise, cloud, and virtually any model that you can think of. Majority of the Galaxkey team have worked in IT for over 20 years. We enjoy a challenge and are determined and flexible enough to make things happens.

• Hybrid Cloud
The hybrid solution is when a customer has their own server onsite. It is simple to install and within 10 minutes the customer can store files onsite. This functionality enables features such as geo-fencing, which allows the customer to keep the data in the jurisdiction of their choice. You can even confine the data to a building!

• Fully public cloud
The fully public cloud solution is where every component is in the cloud. The solution is compatible with Amazon AWS, Google Cloud, Microsoft Azure and many other service provider clouds. It is very extensible and flexible.

• Fully Private cloud
Everything is private on your cloud and there are no public key lookups to the public cloud.

• Private cloud with public key lookup
With this model the customer has everything onsite but a public key lookup is automatically done when the customer needs to communicate or share a file with someone that is not in their company. This is the default model and the customer does not have to do anything special for it to work.
CLOUD STORAGE
Our technology can protect any file on Dropbox. When it’s uploaded to the cloud (when it leaves the computer) it’s protected. By doing this, you are always in control of your data.
Our technology can protect any file on SugarSync. When it’s uploaded to the cloud (when it leaves the computer) it’s protected. By doing this, you are always in control of your data.
Our technology can protect any file on OneDrive. When it’s uploaded to the cloud (when it leaves the computer) it’s protected. By doing this, you are always in control of your data.
Our technology can protect any file on GoogleDrive. When it’s uploaded to the cloud (when it leaves the computer it’s protected) this way you are always in control of your data.
We have tested Galaxkey on many cloud storage platforms and it works 😀
You can use Galaxkey on any popular cloud!
WORKING OFFLINE
Yes, you can, If the recipients public keys are cached (they get cached on each device when you communicate with the recipient for the first time). If you are offline and send a secure email or try to share a document securely, Galaxkey will not be able to automatically download the key to protect the document. Unless, you are on the fully private cloud solution and are connected to that key server.

You are able to protect any file for yourself when offline as your public key is automatically cached on your device/machine, this includes access to the vault.
GALAXKEY VAULT
The Galaxkey vault is an area on your device that allows you to easily encrypt any data by a simple drag and drop. You can drag any file into the vault and Galaxkey will automatically protect the data.
The data in the vault is protected even if the file is moved out of the vault into another folder.
Once encrypted, to decrypt you need to authenticate to access the data.
The Galaxkey vault secures any data that is transferred by drag and drop, or copy and paste into the vault.
GALAXKEY AUTHENTICATION
Yes, we support multifactor authentication. This includes two factor authentication (2FA). We support passive and active MFA including, biometrics and One Time Passwords (OTPs).We recommend MFA to avoid password interception, sniffing and other issues that your operating system may expose you to.
Magic! No seriously, if you need to know this, we can take you through all the options. Please contact support@Galaxkey.com for further details.
KEY MANAGEMENT
A key is a mathematical computed string that can exist in symmetric or asymmetric form. Galaxkey multiplexes this (we have some very smart people that have done maths at some of the top universities, globally).

Symmetric keys are like passwords and pass phrases whereas asymmetric keys are in pairs, typically the public key and private key. The public key is used to encrypt and the private key is used to decrypt. Galaxkey uses both to enhance the protection. The rest is our secret source! Only you have your private key.

In corporate environments, the company can reset keys if forgotten. Everything is logged (in detail) and you are always notified when keys are reset.
If you are a paying customer of Galaxkey, we guarantee that we don’t have your key! We can prove this to you by showing you the source code (once you sign a legal document agreeing not to edit our code or distribute it to anyone). Galaxkey is our IP and we will protect it.

If you have a free account we could get access to your key if required and if you asked us to manage it. This is only for legal or law enforcement purposes. We protect your identity and your key if we have it. However, you can opt out of Galaxkey having access to your key.
To be absolutely sure you can install a Galaxkey server onsite to generate your keys. Unlike many of our competitors, Galaxkey will let you do this. Additionally, we will allow you to review the source code and compile it on your site so that you know we have not built in any nasty backdoors.

Also, it is possible to link your key to your fingerprint. We can assure you that we don’t have that in any way or form!
Galaxkey have a Public Key Directory (PKD). This directory is a global directory for everyone to use with a copy of your current public key. Public keys are meant to be shared for this reason and we do this as part of our service, for our clients and anyone that registers.
We use a special mix of ciphers and in a special way. However, they are all ciphers that are recognised and that have been resiliently checked and designed for strength. For more information, please contact us.
Anything could eventually be broken but presently, no.
We can set the length to any length that your hardware can handle. By default its AES 256 and PKI 2048
Yes! Talk to us and we can help you.
Yes, if discussed. If you don’t contact us about this our default secret sauce is used.
No! We have a self-protection mechanism that does not allow this to happen. You have the key and in some case you are the key, when using our advanced biometrics. Thus you should never lose access to your data.
You can reset it, if we manage the key or if you pay for a licence. However, if neither of these are true you could lose access to the data (if you have not made a backup of the key, for free accounts, or if you have decided against Galaxkey managing your key). There are no backdoors, so we can’t help you if you choose not to follow our guidance.
If you lose your password and you are a corporate user, your system administrator can reset your password. If you are not a paying user, your account will have to be deleted and you will not be able to access the data that you have encrypted with the lost password, there is no backdoor!
If you would like the ability to reset your password you can register for a corporate account once you purchase a licence from a partner. We have partners in over 120 countries so we can point you in the right direction if you contact info@galaxkey.com
PRICING
Galaxkey is free for personal use.

Corporates will need to pay a small charge. For pricing and further details please contact us and we can put you in touch with a partner. Alternatively, check our website.
Sure!

You will need to contact our support@galaxkey.com or one of our partners in your region.
We price the technology per email identity. A licence is required for each corporate identity and yes, the more licences you require the more cost effective the solution becomes. We want everyone to be able to use our technology so contact us for our very affordable options.
INSTALLATION AND DEPLOYMENT
You can install Galaxkey on any modern device in less than two minutes. This includes signup on the website-If you type really slowly, it may be slightly longer!
All you will need to do is email the users. If the users have administrative access to their machines they can install the applications, if not, they can use the zero install option which is a web browser. You can also use Microsoft SCCM, Altiris and other tools such as login scripts to deploy the application to the users machines. It is possible to deploy to 10,000 users in a day.
BACKDOORS
A backdoor is some code and a system that allows people, systems and platforms to get into the encryption or system.
Some competitors build them into their platforms to comply with certain government regulations and accreditations.
If you are a paying user, we can get a copy of the source code to you for review. Once you sign our NDA you are then free to review it.
If you are serious about reviewing code there are many independent organisations that will do this for you. We will work with you to get this operation complete.
After you review the code, with an independent party of your choosing, you are free to compile it yourself or with assistance from a developer and then install it on your premise without our involvement.
It is possible to Run Galaxkey in a completely private cloud without any internet access, this is typically used for diplomatic offices and military installations.
Bad guys do use encryption. If they do we will do whatever we can to stop them. However, firstly whoever claims that they are using it unscrupulously must prove, in a court of law, that this is the case before we can help. We must state very clearly that there are no backdoors, so what we can offer with regards to assistance is limited.
DATA
No! Even if we magically got your key, we do not have your data. You have it and you are always in control of your key.
On a secure server, in a geo-location of you choosing.
Your data is protected by your private key. We would need your fingerprint or your credentials to open your files or emails.
As an admin you can use your admin account to decrypt the data. The user will be notified that you have accessed the data and so will the other admins, automatically.
Yes, if you send an email in writing to Galaxkey from the CEO, CFO or COO of your company. The data is the asset of the company and the organisation, paying for the licence, is the holder of the keys.
You as the organisation should have a backup of the keys. The system keeps prompting you to make a backup every time you login. You make this backup when you signup the first time.
Yes, we support the top vendors in HSM as well as many others.
GEOFENCE
Yes! Isn’t that cool? We can keep the data in your jurisdiction so that foreign entities cannot access it. They would not get it anyway as Galaxkey’s architecture is strong but just so that you sleep easy, we also GeoFence the data.
For now we do it based on where you have signed up from. In the future there will be an option for you to choose.
Email us! However, in the near future you will be able to change it yourself.
MIGRATION
Yes, in most cases. Our experienced team will help you do this. In fact, we spend most of our time migrating from other platforms to ours.
Nothing! You can keep accessing it but you will not be able to encrypt and protect new files and emails any longer.
FILE SECURITY
Yes, you can. Right click the file and click share. Then create the group, add a user to the group and click share.
The file is encrypted on your machine with your public key and the recipients public key. It is then uploaded to a secure location. An email is sent to the user, telling them that they are part of a shared group and the file is downloaded to their machine.
Up to 5 GB free of charge and after that we charge a small fee.
You can store the files on your own server, if you like, or provide us with your cloud account details if you want us to link to that.
Yes, you can secure any cloud platform. Including: Dropbox, OneDrive, Box, SugarSync, Sinology, Cisco, GoogleDrive and many others.
Double click the file, if you have the application installed, and type in your credentials. After the first one, your profile is open for a brief time so that you can decrypt more files. After the “settable timeout”, you will need to authenticate.
SUPPORT
You can email us or call your reseller.
For paying users it’s 24X7 X365

For free users it’s 9:00-17:00 GMT, 5 days a week on email.
Sure, if you have a licence. Your reseller will put you in touch.
Yes we would love to talk to you.
We will not be able to help you, you will need your password and we don’t know it. That’s why we ask you to remember your password when you register!
I am sure many people will want to take your money but unless they can crack high-end encryption (being used by the world’s top banks and NASA), I don’t think they are going to get in.
Still no, sorry… make a backup of your identity and take note of your credentials and/or associate your key with your fingerprint.
We have limited spaces. We are growing, if you send us your CV and the reasons you want to work for us we will consider you. Competitors, we know your tricks, stop applying for jobs!
COMPLIANCE
GDPR:
Galaxkey has a comprehensive GDPR capability and offers many technical controls to protect data. With its versatile platform Galaxkey can protect any data, on any device, anywhere and offers a truly secure platform that is easy to implement.
The GDPR exists to ensure that all European citizens’ data is collected, processed and protected appropriately. The regulation exists so that data processors and controllers conduct themselves in a responsible manner when collecting, processing, storing and sharing another entity's personal information. It holds them accountable should they abuse or compromise your personal information in any way. The GDPR considers your personal information to be your property and entitles you certain rights of protection and the ability to exercise control over:
• when and how you choose to share your information (requires your consent)
• the type and extent of information you choose to share (must be collected for valid reasons)
• transparency and accountability on how your data will be used (limited to the purpose) and notification if/when the data is compromised
• providing you with access to your own information as well as the right to have your data removed and/or destroyed should you so wish
• who has access to your information, i.e. there must be adequate measures and controls in place to track access and prevent unauthorised people, even within the same company, from accessing your information
• how and where your information is stored (there must be adequate measures and controls in place to safeguard your information to protect it from theft, or being compromised)
• the integrity and continued accuracy of your information (i.e. your information must be captured correctly and once collected, the institution is responsible to maintain it)
Examples of "personal information" PII for an individual could include:
• Identity and/or passport number
• Date of birth and age
• Phone number/s (including mobile phone number)
• Email address
• Online/Instant messaging identifiers
• Physical address
• Gender, Race and Ethnic origin
• Photos, voice recordings, video footage (also CCTV), biometric data
• Marital/Relationship status and Family relations
• Criminal record
• Private correspondence
• Religious or philosophical beliefs including personal and political opinions
• Employment history and salary information
• Financial information
• Education information
• Physical and mental health information including medical history, blood type, details on your sex life
• Membership to organisations/unions
• IP Addresses
Galaxkey has strong solutions that help in the protection of PII for GDPR compliance. We have focused on the GDPR since its inception as data protection is our specialisation.

DPA:
Members of the European Union abide by EU Data Protection Directive 95/46/EC in 1998. With the Personal Data Act, using Galaxkey can help protect any data on any device and anywhere This means that it will help when applying technical controls to your data however, you will still need a process and will need to educate your people.  
Galaxkey has strong solutions that help in the protection of PII for DPA compliance.

HIPPA:
Galaxkey has a comprehensive HIPPA offering and provides many technical controls to protect data. With its versatile platform Galaxkey can protect any data, on any device and anywhere and offers a truly secure platform that is easy to implement.
Galaxkey has strong solutions that help in the protection of Healthcare data and information for HIPPA compliance.

PCI-DSS:
Galaxkey can help protect any PCI-DSS data. Contact us for more information.
Galaxkey has strong solutions that help in the protection of PCI-DSS compliance.

PoPI:
The PoPI Act exists to ensure that all South African institutions conduct themselves in a responsible manner when collecting, processing, storing and sharing another entity's personal information by holding them accountable should they abuse or compromise your personal information in any way. PoPI considers your personal information to be your asset and gives you certain rights of protection and the ability to exercise control over:
• when and how you choose to share your information (requires your consent)
• the type and extent of information you choose to share (must be collected for valid reasons)
• transparency and accountability on how your data will be used (limited to the purpose) and notification if/when the data is compromised
• providing you with access to your own information as well as the right to have your data removed and/or destroyed should you so wish
• who has access to your information, i.e. there must be adequate measures and controls in place to track access and prevent unauthorised people, even within the same company, from accessing your information
• how and where your information is stored (there must be adequate measures and controls in place to safeguard your information to protect it from theft, or being compromised)
• the integrity and continued accuracy of your information (i.e. your information must be captured correctly and once collected, the institution is responsible to maintain it)

Examples of "personal information" for an individual could include:
• Identity and/or passport number
• Date of birth and age
• Phone number/s (including mobile phone number)
• Email address
• Online/Instant messaging identifiers
• Physical address
• Gender, Race and Ethnic origin
• Photos, voice recordings, video footage (also CCTV), biometric data
• Marital/Relationship status and Family relations
• Criminal record
• Private correspondence
• Religious or philosophical beliefs including personal and political opinions
• Employment history and salary information
• Financial information
• Education information
• Physical and mental health information including medical history, blood type, details on your sex life
• Membership to organisations/unions
Galaxkey has technical and process solutions that help in the protection of PII for POPI compliance.

ISO27001:
Galaxkey has strong solutions that help in ISO27001 compliance.
UNANSWERED QUESTIONS
If we have not addressed all of your questions, please let us know. We endeavour to keep our FAQ up to date and keep everyone well informed.

Please email us at info@Galaxkey.com , we are more than happy to help.