The Technology

The Onion Model

At Galaxkey, we use specially designed three-layered encryption architecture that makes it practically impossible to penetrate and access encrypted data without the proper access rights and authentication. Based on the onion model, each layer peels back to decrypt the data within. The cutting-edge technology is engineered using an identity-based encryption model that enforces the rule that only an authorised person with access rights can view a message or file. All data is secured using FIPS 140-2 compliant encryption algorithms across all Galaxkey platforms, a benchmark standard set by the US Government.

With the three dedicated layers of encryption, Galaxkey provides the highest level of cybersecurity across multiple platforms. What makes our platform unique is that no keys or passwords are ever stored – the encrypted data makes our products among the most powerful data security tools available, and they can be used on multiple devices.

More Details
Enterprise Email Encryption

Galaxkey Secure Gateway

The Galaxkey Secure Gateway (GSG) is an SMTP inline server that performs the task of encrypting and decrypting emails sent through the SMTP server.

The GSG is an ideal solution for both companies and corporate users who need to send out high volumes of emails with state-of-the-art encryption. It offers a wealth of features, including sending out automated invitations to new recipients, and provides quick and simple encryption to outbound emails.

The GSG can also be deployed as an incoming decryption tool. For convenience and ease of use, companies sometimes want to automatically decrypt inbound emails before they are delivered to their designated recipients and GSG can be configured to perform this automated decryption.

GSG also supports the Galaxkey Policy Manager. Here, users can define encryption policies to trigger email encryption based on rules and the content of an email. The policies can be configured by either a user or group and are fully supported by GSG, which will adhere to the chosen settings regarding policy.

More Details

End-to-end Encryption

Galaxkey delivers complete end-to-end security for emails and documents, in transit and storage. Once data is secured at the sender’s device, regardless of whether it is a desktop computer or smartphone, the information can only be restored at the recipient’s device. For total data protection, no intermediate server or software is used in the transmission, and no backdoors exist. For additional security, Galaxkey never stores passwords in any format.

The Galaxkey Secure Gateway (GSG) has been designed to offer organisations a robust frontline defence in the form of powerful encryption for incoming and outgoing data. Users can select setting from different modes that allow them to encrypt or decrypt emails in any direction they require. It also offers enterprise customers a flexible form of encryption that can be easily adopted and integrated with their existing architecture for mail flow.

Encryption Standards

Galaxkey uses AES FIPS 140-2 compliant encryption security modules which is the US government standard that defines a minimum set of the security requirements for products that implement cryptography — primarily designed for cryptographic modules that are used to secure sensitive information. The system uses 2048-bit RSA Keys as a standard, and the cyphers can be substituted if required.

The standard are used across all the platforms – Windows, iOS, Android and MAC OSX

You can control your keys

Galaxkey has a unique architecture where it can provide you with complete control of your encryption keys. With the hybrid (in-house or self-hosted) models, encryption keys are generated in your environment.

Galaxkey supports integration into HSM. We are partnered with Thales and can provide a seamless integration with Thales HSM devices.

Administrator Control

Galaxkey provides a perfect solution for administrators to manage their keys and control their data. With corporate accounts, administrators can create encryption policies for their users based on groups. There are detailed audits and white labelling options available for administrators to brand the platform.

Create policies for your users

Set rules and policies to protect your data and meet specific compliance requirements. These policies can be applied on Outlook and also on Galaxkey Secure Gateway.

Various policies can be set based on user groups. The policies can be applied of various elements of the email like subject, meta data, body and also attachments. The policy engine support regular expressions hence the administrator has complex flexibility to configure the rules on the encryption. Policies are an effective way to implement Data Loss Prevention (DLP) in corporate emails.

Single Identity

When a user registers with Galaxkey, it creates an identity for the user. This same identity is used for Email encryption, File encryption and also for Galaxkey Workspace.

The identity is then secured for that user, with all the information stored inside the encrypted packet.

Galaxkey does not store any passwords in any form whatsoever.

Galaxkey supports Active Directory, Azure Active Directory and Okta integrations for single sign on. The Galaxkey Active Directory Synchronistaion makes it easy for corporates to provision and de-provision users on the Galaxkey Platform.