Technology

Sookasa’s patented technology delivers unprecedented control over the cloud

Sookasa is the best solution for providing end-­to-­end encryption to cloud‐based file-­sharing services.

Sookasa employs file-level encryption on devices and the cloud with AES 256-bit encryption. Sookasa pairs with both Dropbox and Google Drive and essentially decouples the encrypted data from the keys required to decrypt it. Neither the cloud storage service nor Sookasa has access to the user’s raw data.

Sookasa Highlights

 

Compliant data storage and transmission

 

Native Dropbox user interface

 

File-level encryption on devices and on the cloud

 

Control access to files both inside and outside the organization

 

Block access to specific devices when stolen or lost

 

Deny access to specific users in employee-separation scenarios

 

Full audit trail, including all file operations and sharing events

 

Compliance with HIPAA regulations

Sookasa facilitates HIPAA-compliant use of Dropbox and Google Drive without compromising the user experience

Access control

Sookasa ensures that only authorized people can access electronic protected health information.

SKA001_Technology_04_07Unique user identification Sookasa assigns unique credentials to users based on their email addresses and secure passwords to identify and track user identities. Learn More »

SKA001_Technology_04_09Emergency access procedure Sookasa allows admin access to necessary electronic PHI during an emergency through a web-based dashboard. Learn More »

SKA001_Technology_04_11Automatic logoff Sookasa automatically terminates an electronic session after a set period of inactivity. Learn More »

Audit control

Sookasa tracks the activity for every encrypted file and provides the logs with a simple reporting tool.

SKA001_Technology_04_23Integrity controls Sookasa validates the integrity of versions with a hash-based message authentication code. Data cannot be modified or destroyed without detection. Learn More »

SKA001_Technology_04_20Transmission security Sookasa encrypts the files before they are transmitted via secure HTTP to the cloud, protecting the files in transit and at rest. Learn More »

SKA001_Technology_04_17Audit trails Sookasa logs every modification, copy, access, or share operation made to encrypted files and associates each with a user. Learn More »

Seamless Dropbox and Google Drive integrations

Files are encrypted by Sookasa, but syncing and sharing is performed and managed by the native cloud storage software.

Superior user experience

Sookasa leverages and preserves the superior user interface and syncing capabilities of Dropbox and Google Drive

Automatic encryption

Any file placed in the Sookasa folder is automatically intercepted and encrypted by the Sookasa client, so data is encrypted before it is synced by the cloud storage provider

Sookasa encrypts on-device and via the cloud through Dropbox’s web interface

Data and key separation

Files are stored by Dropbox and Google Drive, but neither has access to the keys. The combination of the cloud storage provider and Sookasa separates the encrypted data from the keys required to decrypt it

Key management

Sookasa manages access to files by distributing the encryption keys using a centralized web-based server

Encryption

SKA001_Technology_04_33Sookasa’s on-device app encrypts each file with a unique AES-256 key

SKA001_Technology_04_37The encrypted file is augmented with signed metadata and includes the file key encrypted by the team master key

SKA001_Technology_04_41The encrypted file is synced by the Dropbox or Google Drive app to the cloud

Decryption

SKA001_Technology_04_44A user tries to open a file from a computer or smartphone

SKA001_Technology_04_47The Sookasa client talks to the server to request the specific file encryption key and sends:
• signed encrypted file metadata
• the user’s credentials
• a unique identifier for the device

SKA001_Technology_04_50The Sookasa server validates the signatures, verifies whether the user and device are authorized to access the files, and logs the request

SKA001_Technology_04_37PermittedThe Sookasa server will provide the appropriate file key so the user can open the file SKA001_Technology_04_58Not PermittedThe user will not be able to view the file