The Technology

The Onion Model

Galaxkey uses a proprietary three-layered encryption architecture based on an onion model. Peel one layer at a time to open up the encryption. The technology is designed on an identity-based encryption model so only that ‘identity’ can view the message or file. Data is secured using FIPS 140-2 compliant encryption algorithms across all our platforms, and this standard is the benchmark of data security as set by the US Government.

With the three layers of encryption, Galaxkey provides the highest level of cybersecurity across multiple platforms.

What makes our platform unique is no keys or passwords are stored with the encrypted data making our products the most powerful tools for multi-device data security available.

More Details
Enterprise Email Encryption

Galaxkey Secure Gateway

The Galaxkey Secure Gateway or GSG, in short, is an SMTP inline server which performs the task of encrypting and decrypting emails that are sent through the SMTP server.

The GSG is a perfect product for companies and corporate users who want to send out bulk encrypted emails. The GSG provides on the fly encryption to out-going emails. Apart from encryption, the GSG also performs automated invitations to new recipients.

The GSG can also be deployed as an incoming decryption tool. There are situations where companies want to automatically decrypt emails that come inside the organisation before being delivered to the designated recipient. GSG can be configured to perform the automated decryption.

GSG supports the Galaxkey Policy Manager. You can define encryption policies to trigger email encryption based on rules and content of the email. The policies can be set by user or group, and GSG supports all policies as per the policy defined for the sender’s email.

More Details

End-to-end Encryption

Galaxkey provides complete end-to-end security for emails and documents, in transit and storage. Once data is secured at the source device (machine or mobile), the information is restored only at the destination or the recipient’s device. No intermediate server or software is required, and no backdoors exist! Galaxkey does not store any passwords in any format.

Lot of enterprise customers require encryption at the perimeter gateway. With the Galaxkey Secure Gateway (GSG) this can be easily achieved. The GSG can be configured in various modes to encrypt or decrypt emails automatically in any direction. GSG gives complete flexibility for the enterprise corporates to adopt encryption in any of their existing mail flow architectures.

Encryption Standards

Galaxkey uses AES FIPS 140-2 compliant encryption security modules which is the US government standard that defines a minimum set of the security requirements for products that implement cryptography — primarily designed for cryptographic modules that are used to secure sensitive information. The system uses 2048-bit RSA Keys as a standard, and the cyphers can be substituted if required.

The standard are used across all the platforms – Windows, iOS, Android and MAC OSX

You can control your keys

Galaxkey has a unique architecture where it can provide you with complete control of your encryption keys. With the hybrid (in-house or self-hosted) models, encryption keys are generated in your environment.

Galaxkey supports integration into HSM. We are partnered with Thales and can provide a seamless integration with Thales HSM devices.

Administrator Control

Galaxkey provides a perfect solution for administrators to manage their keys and control their data. With corporate accounts, administrators can create encryption policies for their users based on groups. There are detailed audits and white labelling options available for administrators to brand the platform.

Create policies for your users

Set rules and policies to protect your data and meet specific compliance requirements. These policies can be applied on Outlook and also on Galaxkey Secure Gateway.

Various policies can be set based on user groups. The policies can be applied of various elements of the email like subject, meta data, body and also attachments. The policy engine support regular expressions hence the administrator has complex flexibility to configure the rules on the encryption. Policies are an effective way to implement Data Loss Prevention (DLP) in corporate emails.

Single Identity

When a user registers with Galaxkey, it creates an identity for the user. This same identity is used for Email encryption, File encryption and also for Galaxkey Workspace.

The identity is then secured for that user, with all the information stored inside the encrypted packet.

Galaxkey does not store any passwords in any form whatsoever.

Galaxkey supports Active Directory, Azure Active Directory and Okta integrations for single sign on. The Galaxkey Active Directory Synchronistaion makes it easy for corporates to provision and de-provision users on the Galaxkey Platform.