Four products - One easy to use platform

All your data protected under three layers of identity-based encryption


How it Works

Each Galaxkey product uses the same identity-based encryption model. Every user must present the correct identity and authorisation to access a piece of your data each time they use it. This may be access to an email, a document or a workspace.

By tying access to identity, you can have users on multiple devices, platforms and regions with no loss of security. This frees your organisation to work however it wants to while remaining protected at all times.

Galaxkey’s encryption secures data across all our products with FIPS 140-2 compliant encryption algorithms, a benchmark standard set by the US Government. Combining this with identity-based authentication makes our products among the most powerful data security tools available.

For documents
For workspaces

Galaxkey’s easy-to-use software integrates with Microsoft Outlook, works as an app on iOS and Android devices, and as a desktop application on the macOS. Galaxkey automatically encrypts the email on the device itself.

This provides a simple way for a Galaxkey registered user to send secured emails simply when the “Send” button is pressed.

If the person you sent the email to is not registered with Galaxkey, they are automatically registered by the platform with a no-cost Galaxkey account. The recipient does not have to do anything other than set their own password, and then they can receive emails and respond securely.

Galaxkey’s feature-rich email applications include email notifications, authorisation before opening, time validity, digital sign and geo-fence. These combined features make it very simple for corporates to deploy Galaxkey into their enterprise network.

Additionally, Galaxkey also provides a gateway-level encryption server for emails, where an enterprise needs to scan content before encryption.

For documents

On Windows and macOS operating systems, users right-click on their document to encrypt it.

This makes securing a document as simple as zipping. Once encrypted, the document has the extension of .gxk. Users can directly double-click on a document, edit it, and automatically store it in the encrypted container.

For workspaces

Galaxkey Secure Workspace is a web-based platform that allows documents of any size and format to be shared and received securely.

Each document on the workspace is encrypted and stored using Galaxkey’s identity-based architecture. The workspace allows setup in-house so that all data remains inside the organisation’s control – even in encrypted form.

The platform architecture allows its users to create a workspace giving access rights to people both inside and outside the organisation. Access rights are granular, and people can access data only if they have proper authority.

Galaxkey workspace has in-built MS Office file editing that negates the need to load the document in Microsoft’s online platform. This ensures that the integrity and security of the document is completely maintained within the organisation’s control.

The secure file transfer platform integrates seamlessly with email clients, enabling users to send large files securely without the limitation of maximum file size restriction imposed by mail servers.

What is identity-based encryption?

Enterprise-level data security

Galaxkey is a pure end-to-end encryption solution – meaning that information is encrypted at source and can be decrypted only at destination.

When a user registers with Galaxkey, they receive a Galaxkey Identity. This Identity is used for email encryption, file encryption and Workspace. Galaxkey secures the Identity of that user with all the information stored inside the encrypted packet.

This Identity is two mathematical keys that are associated with an email address. One key is for encryption, and the other is for decryption. Your encryption key is securely made available to anyone who wants to share information with you using the Galaxkey suite of products. Your decryption key is encrypted using your Galaxkey password and made available only upon successful authentication. Thus, the final control of data shared with you lies only with you. The Identity is associated with your unique email address, which is only accessible by you.

Galaxkey does not store any passwords in any form whatsoever.

Woman working on Galaxkey's secure workspace working collaboratively with her team

How is your data secured?

All four of Galaxkey’s products centre on our unique three-layered encryption architecture, and each layer must be removed before you can see the one below. Therefore, your data is only accessible after all three layers of protection have gone.

We combine the strengths of both AES-256 encryption and RSA 2048 encryption to create a powerful model similar to 3 combination locks where each lock has 2 to the power 256 possibilities to choose from. But there is no key or password to help someone work it out. Because of our unique identity-based model, no user passwords or keys are ever stored.

This makes Galaxkey encryption practically impossible to penetrate.

One Identity across all products

Enterprise-level email encryption and data security from Galaxkey

When you register with Galaxkey, you receive an Identity used for all email encryption, document encryption and Workspace. This Identity enables you to use any of the Galaxkey products:

  • Send and receive secured emails with enterprise features that allow you to revoke and retrieve emails sent accidentally directly.
  • Secure data on your computer on both Windows and macOS operating systems.
  • Perform secure document transfer using the Galaxkey Workspace platform without the need to install any software on the your machine.
  • Sign documents electronically with no limit on the number of documents. With the hybrid model, all documents are stored inside the enterprise network.
  • Perform Know Your Customer (KYC) operations securely with the Galaxkey and Yoti integration.

Who manages and holds the keys?

Self-hosted Implementation

With Galaxkey’s hybrid or enterprise implementation, companies can generate and hold their own encryption keys within their infrastructure, without any involvement from Galaxkey. This means that Galaxkey has no access to the keys, ensuring maximum security for your sensitive data. Without access to the keys stored in your internal network, any data secured with those keys is completely safe and cannot be decrypted by anyone else.

Cloud Implementation

Galaxkey’s encryption solutions cater to enterprises of all types and sizes, enabling them to manage and store their encryption keys within their own infrastructure. For cloud-based deployment, Galaxkey uses its ISO 27001 certified infrastructure to store the keys. These keys are then encrypted with individual user passwords, and Galaxkey has no access to them since it does not store these passwords. This means that only the enterprise can access and decrypt any data secured with these keys.

Security Features

Enterprise friendly
Unbeatable Encryption Standards
Key Control
Administrator Control
Create policies
Identity integrations
Enterprise friendly

Galaxkey is purpose-built for enterprises, offering a hassle-free way to communicate securely without incurring extra expenses. Here are some of the key features that make Galaxkey ideal for businesses:

  • Hierarchy of user access rights: corporate administrator, service account, and standard user.
  • Group-based configuration management allows for precise control.
  • Customizable branding options and detailed email templates for notifications.
  • Seamless integration with identity providers for Single Sign-On (SSO).
  • Active directory-based mass provisioning and de-provisioning.
  • Detailed and granular audits and audit reports.
  • Configurable policies for encryption and password definition.
  • Retention policies for data.

With these features, Galaxkey makes it easy for any enterprise to adopt a secure communication platform that meets their specific needs.

Unbeatable Encryption Standards

Galaxkey’s email encryption is certified by the NCSC (National Crime Security Council, UK) and adheres to the US government’s AES FIPS 140-2 standard. This standard outlines strict requirements for cryptographic products and is used to secure sensitive information. To meet the standard, Galaxkey uses 2048-bit RSA Keys by default, and also allows for substitution of cyphers if necessary. The AES FIPS 140-2 standard is supported by major platforms, including Windows, iOS, Android, and MAC OSX.

Key Control

Galaxkey’s architecture is designed to provide clients with complete control over their layer one and two encryption keys. Using hybrid models (enterprise or self-hosted options), Galaxkey allows enterprises to generate their encryption keys within their own environment, enabling maximum security and privacy.

For clients looking for an even higher level of security, Galaxkey supports integration with hardware security modules (HSM) and offers seamless integration with Thales HSM devices, a trusted partner in the industry. With Galaxkey, enterprises can be confident in their data security and privacy.

Administrator Control

With Galaxkey, administrators have complete control over encryption keys and data. Corporate accounts offer the ability to create group-based encryption policies for users. Our white labelling options allow you to customise the platform with your branding, and detailed audits produce GDPR-compliant reports.

Create policies

Set rules and policies to protect your data and meet specific compliance requirements. These policies can be applied on Outlook and also on Galaxkey Secure Gateway.

Various policies can be set based on user groups. The policies can be applied to various email elements like subject, metadata, body, and attachments. The policy engine supports regular expressions; hence the administrator has complex flexibility to configure the rules on the encryption. Policies are an effective way to implement Data Loss Prevention (DLP) in corporate emails.


Identity integrations

Galaxkey supports Active Directory, Azure Active Directory and Okta integrations for single sign-on. The Galaxkey Active Directory Synchronisation makes it easy for corporates to provision and de-provision users on the Galaxkey Platform. And if you need Digital Identity Verification, our platform integrates with Yoti.

You're in safe hands. Here are our certifications and accreditations:

National Cyber Security Centre
Crown Commercial Service Supplier
Cyber Essentials Plus Certification