COCOON DATA

About Cocoon Data

Cocoon Data was founded in 2007 to address the growing need for data security in the public, commercial, banking and defence sectors.

What makes them different from our competitors is that our software separates the encrypted envelope from the access keys that are needed to open the envelope.

Be Careful

File or Document transfer via the internet was not meant to be safe and secure. Documents can be intercepted, copied and changed anywhere en route to its recipient. In addition, it can live on for years in recipients email boxes.

Secure Envelopes allows the sender or 'creator' of any type of electronic attachment to easily encrypt, manage and control the attachment, prior and post distribution.

• Revoke a person/s access post distribution.
• Revoke a certain document post distribution.
• Check and see who, how and at what time a document has been opened.
• Control whether the recipient can print or copy & paste the document.

Did you know that when you send your attachments

• They do not go directly to recipient mailboxes?
• Your Internet Service Provider (ISP) stores copies of all your attachments its mail servers before it tries to deliver them?
• That someday all the information kept on the servers can be easily used against you?

Solution

Cocoon Data has created software that allows customers to send out files and documents in secure electronic envelopes and manage access control at any time from the centralised web console.

• data in motion (when sending envelopes)
• data in use (when opening envelopes)
• data at rest (when storing envelopes)

A Revolution in File Security

What makes us different from our competitors is that our software separates the encrypted envelope from the access keys that are needed to open the envelope. The access rules and encryption keys reside on a server and the encrypted envelope is sent separately, so the user doesn't have the need to understand encryption - The envelope will always refer back to the creator's server before allowing the recipient access to the envelope.

Our software suits anyone needing document protection and document management whether it is before, during or after the document has been sent.

The Common Criteria for Information Technology Security Evaluation (abbreviated as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. There are 23 countries around the globe that are currently signed up as partners which include Australia, the US and the UK.

The Evaluation Assurance Level (EAL1 through to EAL7) of an IT product or system is a numerical grade assigned following the completion of a Common Criteria security evaluation, an international standard in effect since 1999

Why do we exist? - The need and the right to protect our privacy as individuals continue to be challenged by the needs of the State and the need to protect the broader community.

In a business context, the challenge to protect information and customer data in a collaborative "global village" is yet to be solved. In the meantime, some governments are increasing the burden on corporations to protect the right to privacy against the need to improve the bottom line.

In government, the challenge to be seen to provide or protect individual freedom and meet the needs of government continues to be a delicate one.

Our Competitive Edge - The major competitive edge we have over other software is that our software separates the encrypted file from the access rules and keys - a revolution in file security. The access rules and encryption keys reside on a server and the encrypted envelope moves separately - but it always refers back to the server before allowing access.

"our software separates the encrypted file from the access rules and keys - a revolution in file security"

You may already know that attachments to email are insecure; however, it may surprise you to learn just how insecure it really is.

• Did you know that email attachments which you thought were deleted years ago may be sitting on server's half-way around the world?
• Did you know that your attachments can be read and modified in transit, even before they reach their destination?

Secure Envelopes allows the sender or 'creator' of any type of electronic attachment (e.g. Word, PDF, Media File, Excel etc) to be able to encrypt and manage the attachment for the term of its life.

Through our software we allow the creator to place various business rules around the life of the envelope before it is sent and also allowing the creator to alter the envelope after it is sent.

This means that not only can the creator enter individual recipients to the envelope; the creator can CHANGE the rules even after the envelope has been sent. This means ANY recipients usual access rights can not only be changed - but totally REVOKED post distribution - anywhere, anytime.

• Access control to encrypted files outside of company domain or firewall
• Simple 2mb installation with easy to use interface
• Revoke recipients access post distribution, any time, through a web browser
• Access Audit reports on who accessed the envelope and when
• Secure encryption of attachments without the user handling keys - just press 'encrypt'
• Separation of access control rules and encryption keys from the encrypted envelope
• Total key and access control managed 'server side' - no key ring management by users.
• API for bulk Secure Envelope creation

Some of the security issues we have solved include:

• Eavesdropping
• Invasion of Privacy
• Attachment Modification
• False Attachments
• Message Relay
• Repudiation (Sender denies that they sent the attachment and/or the Receiver denies they received the attachment)

Key management - We have separated the keys that unlock or de-codes the secure envelope, from the secure envelope. The reason a file can be hacked is because the key resides within the file and thus, with enough 'brute force' the key can be broken.

With our technology there is not only no key within the secure object, but other elements to make it impossible to hack as a standalone file - in fact "hackers don't even know where to start".