Have a question?
Support is just one click away. Browse answers to Frequently Asked Questions below or contact us.
Your quick guide to our end-to-end secure platform
How does DekkoSecure help to prevent a data breach?
DekkoSecure's zero knowledge security model, enabled by end-to-end encryption, means it is impossible for an attacker to access any data in the event of a breach - all data is encrypted, and not readable by unauthorised parties.
How are accounts secured?
Accounts are secured by your password, which DekkoSecure does not (and cannot) know. Two-factor authentication (2FA) is also required to add an extra layer of security. For SSO accounts, a hybrid encrypted private key storage mechanism is employed to ensure security.
How do you authenticate users at sign up?
To authenticate users at sign up, we use a combination of public key cryptography and password-based authentication. When a user signs up, we prompt them to create a strong password, which we then encrypt using a one-way hashing algorithm. We store the resulting hash in our database, along with the user's public key. When the user attempts to log in, we prompt them to enter their password and encrypt it using the same one-way hashing algorithm. We then compare the resulting hash to the one stored in our database. If the two hashes match, we consider the user to be authenticated. This process protects the user's password from being transmitted in plaintext and from being easily retrieved if our database is compromised.
Do you support two-factor authentication?
Yes! For regular DekkoSecure accounts, two-factor authentication is performed using a time-based method that generates a unique code each time you log in. This means you can use apps like Microsoft Authenticator, Google Authenticator, or open-source alternatives to add an extra layer of security to your account. If your account uses Azure Active Directory (AAD) single sign-on (SSO), you can also use multi-factor authentication (MFA) during the login process to make sure your account complies with your organisation's security policies.
How long does set up take?
The DekkoSecure platform can be implemented in a matter of minutes. As a cloud-based managed service, our platform is a turn-key solution that requires very little input from IT administrators or end-users to get up and running.
Typically, we assist clients by understanding their use cases, security assessment processes and conduct a trial before final activation. Following this the production system will be available immediately.
How do you delete data?
When data and accounts are deleted, the keys for all data subject to deletion are deleted. Following that, this encrypted data is overwritten with garbage data which is then deleted again. Once data has been deleted on DekkoSecure it is irretrievable.
What is left on my device after logging out?
Once you log out, any data left on your device is useless unless it is stored locally.
Is there an audit trail?
Yes. Our platform provides an immutable audit trail which means that the chain of events cannot be changed even if the documents and groups they are associated with are deleted.
Has DekkoSecure been compliance tested or independently verified?
DekkoSecure has been IRAP PROTECTED assessed by Sekuro, penetration tested by Deloitte and claims tested by Enex TestLab. Check out our compliance page to learn more and request our reports.
Can DekkoSecure's secure mail service replace traditional email for sensitive communications?
Yes. DekkoSecure Mail feature offers the highest security and has all the features of standard email, with the added advantage of no limits on attachment sizes and read receipts.
Can the DekkoSecure platform accommodate large files?
Yes. DekkoSecure is the only end-to-end encrypted platform with no file size limits or file type restrictions. It is the only zero-knowledge platform for secure large file transfer.
How will my communications be secured?
∙ File names, file contents, the message subject
∙ Message contents and size
∙ Video conference topic, media and notes
No one, not even DekkoSecure, can see users’ data. Every user’s password is itself encrypted, every document has its own key and there are no ‘back doors’ or master encryption keys.
All site communications are secured using HTTPS.
DekkoSecure does not utilise end-to-end encryption for metadata, as it is developed primarily as a business solution privacy tool - not an anonymity tool.
What compliance standards does the DekkoSecure platform meet?
DekkoSecure is IRAP (Aus) and GO-ITS (Canada Ontario) assessed and aligns with ISO27001 and NIST standards.
DekkoSecure has been IRAP PROTECTED assessed by Sekuro, penetration tested by UpCyber and claims tested by Enex TestLab. Check out our compliance page to learn more and request our reports.
How frequently are security updates and patches applied to your platform?
Security updates and patches are applied to our platform as soon as they are available and have been thoroughly tested to ensure compatibility and stability. As a fully managed, web-based SaaS solution hosted on the public cloud, we handle all aspects of maintenance and updates, meaning our customers and users do not need to install anything or manually apply updates. This process ensures that our service remains secure and operates at peak efficiency without any action required from your end.
What infrastructure do you store user data on and where?
DekkoSecure for Government and Law Enforcement utilises the Microsoft Azure with triple data centre HA redundancy. All cloud infrastructure utilised by DekkoSecure in Australia is IRAP-PROTECTED assessed.
What level of encryption is used for your secure eSignatures, and how are signatures authenticated?
A new key is generated for every file and message sent (AES-256), which is exchanged with recipients using Public Key Infrastructure, and all elements added to a signed document (signature, text, images, etc.) is digitally signed using the approver's private key (ECC-384) resulting in a secure esignature.
Is every file encrypted?
Yes. Every file is individually encrypted, which further increases DekkoSecure’s security by ensuring that even if one file was to be accessed maliciously, no other files would be compromised. Typically, encryption systems only apply one key to a set of files which creates a single-point-of-failure, which is especially high-risk if that key or password is sent over an unsecure channel such as SMS or email.
What do you mean when you say the DekkoSecure for Government and Law Enforcement platform provides ‘military grade’ security?
DekkoSecure for Government and Law Enforcement is a zero-knowledge platform which means that no one, including DekkoSecure, can ever access your data at any time.
Every single file, document, message and video conference on DekkoSecure for Government and Law Enforcement is protected using multiple layers of end-to-end encryption and a unique key management protocol. This is the same level of encryption used in the highly-secret communication channels by military organisations.
Shared information can only be read by the sender and the receiver, no one else. Best of all, DekkoSecure for Government and Law Enforcement is fast and easy to use so teams can work at full speed while keeping critical information safe.
What problems does DekkoSecure for Government and Law Enforcement solve for customers?
DekkoSecure for Government and Law Enforcement is a secure alternative to email communication, manual document handling or otherwise restrictive digital solutions. This takes form in an intuitive web application and efficient inter-organisation collaboration environment suitable for highly sensitive material, where geographical or technical limitations would otherwise stop, hinder or present unacceptable risk to an interaction.
How is DekkoSecure for Government and Law Enforcement different to other collaboration platforms?
DekkoSecure is the only platform that offers military-grade security, simplicity of use and control. DekkoSecure for Government and Law Enforcement:
- Transfers files of unlimited size easily and fast with a complete audit trail
- Offers live editing, e-signature and video-conferencing features
- Guarantees a fast and totally secure environment using end-to-end encryption that eliminates accidental misaddressing, reliance on USBs and hard copy files
- Has a unique and totally transparent key management system built in which means encrypted information can’t be decoded
- Is powerful and fast so teams can work at full speed while keeping critical information safe guarantees data sovereignty by storing data in the jurisdiction of your choice can be customised to fit any workflow and needs no technical support or installation.
Common questions on how to securely share, store and collaborate in the cloud
What is secure file sharing?
Secure file sharing, characterized by end-to-end encryption and authentication/authorization controls, ensures that files are encrypted from the moment they are sent until received by the intended recipient, and only accessible to those with explicit permission.
How does secure file sharing work?
A secure file sharing service with end-to-end encryption uses Public Key Infrastructure (PKI), where users are given a unique pair of keys: a public key for encrypting messages and a private key for decrypting them. This ensures that only the intended recipient, who possesses the correct private key, can decrypt and access the files sent to them. Authentication verifies the identities of the individuals exchanging files, confirming that they are who they claim to be. Authorization controls further restrict access, allowing only those with explicit permissions to view, edit, or share the files, thus maintaining strict control over data access and distribution.
To what extent is sharing files risky? Why do I need a secure platform?
Cyber extortion, espionage, and identity theft have become pervasive global issues, orchestrated by cybercriminals, nation-states, and state actors with substantial resources and strong motivations.
Given the escalating risks, ensuring the utmost security and comprehensive auditability in how individuals and organizations exchange sensitive and PROTECTED information is paramount.
Does secure file sharing require a secure connection?
E2EE (End-to-End Encryption) sharing with TLS (Transport Layer Security)/HSTS (HTTP Strict Transport Security) and authentication/authorization controls provides a high level of security that, under most circumstances, does not require a VPN (Virtual Private Network) for the secure file sharing. However, a user might need to be on a VPN to authenticate when using a corporate account, especially if Single Sign-On (SSO) is implemented and the organization's policy restricts access to its internal systems from external networks.
What is end-to-end encryption?
End-to-end encryption guarantees that only the content owner and authorized content recipient can access their data. This is made possible using encryption keys and a sophisticated key-exchange mechanism.
What is military grade encryption?
Military grade encryption is a security model that adopts that encorporates the same priorities as a military operation - no intercept, no interruption, and guaranteed integrity.
What is secure mail?
A secure mail/messaging service features end-to-end encryption (E2EE) and uses Public Key Infrastructure (PKI) to ensure that only the communicating users can read messages. Each user has a pair of keys: a public key for encrypting messages and a private key for decrypting them, guaranteeing that messages can only be decrypted by the intended recipient. Authentication mechanisms confirm the identity of each user, ensuring that messages are exchanged between genuine parties. Authorization controls manage who can send, receive, or participate in conversations, protecting the integrity of communications and ensuring that only authorized individuals can access or initiate secure exchanges.
What risks do mobile devices pose when it comes to secure file sharing and emails?
Mobile devices shouldn't be used for secure file sharing - they increase the risk of data leakage, unauthorized access, and interception of files and emails due to loss or theft, insecure apps, and lack of robust encryption and security measures.
What compliance regulations apply to state and provincial government file and encrypted email content communications?
State and provincial government encrypted mail and communications must comply with local data protection laws, national standards like NIST (National Institute of Standards and Technology) in the U.S., and sector-specific regulations such as CJIS (Criminal Justice Information Services) for law enforcement agencies.
What are the risks associated with sharing files and emails across different government agencies when military grade encryption is not considered?
Without military grade encryption, sharing files and emails across government agencies can lead to unauthorized access, data breaches, interception by third parties, and compromise of sensitive information.
What are the consequences of noncompliance with security and compliance regulations for state and provincial government file and email content communications?
Noncompliance with security and compliance regulations for state and provincial government file and email content communications in the USA can result in significant legal penalties, including fines, sanctions, and potential loss of federal funding. Additionally, it can lead to breaches of sensitive information, undermining public trust and confidence in governmental operations and services.
What are the risks associated with outdated file sharing systems being used by government agencies?
Outdated file sharing systems pose risks of data breaches, non-compliance with current security standards, vulnerability to cyberattacks, and inefficient management and access of sensitive information.
How can local governments/government contractors ensure secure file transfer between departments and external partners?
Local governments and contractors can ensure secure file transfer by using solutions that offer end-to-end encryption, secure authentication, and compliance with relevant data protection regulations.
How can local governments/government contractors effectively manage secure large file transfer and the growing volume of email communication and attachments?
Governments can manage secure large file transfer by implementing scalable secure file transfer solutions that offer robust encryption, large file handling capabilities, and efficient email management and archiving systems.
How can you ensure that secure file sharing for government contractors and local governments is not compromised when users access it remotely?
Remote secure file sharing for government can be acheived by implementing measures like multi-factor authentication, using VPNs (Virtual Private Networks) for encrypted connections, and enforcing strict security policies for device and application use.
How can local governments/government contractors manage the secure document authorisation of sensitive documents among different groups of stakeholders?
By using secure document authorisarion and management platforms that feature controlled access permissions, audit trails, and digital signature capabilities to ensure that only authorized personnel can view and approve sensitive documents.
How can local governments/government contractors streamline the review and secure document signing of contracts and other legal documents?
Implementing digital signature solutions and document management systems that support collaborative reviews, track changes, and provide secure, verifiable signing processes can streamline secure document signing.
How does file and email data communication create risk exposure for the federal government?
File and email data communication can create risk exposure for the federal government by potentially allowing sensitive information to be intercepted, accessed, or tampered with by unauthorized parties, leading to breaches of national security, loss of public trust, and legal repercussions. Without adequate encryption, secure transmission protocols, and data handling policies, these communications are vulnerable to cyberattacks and espionage.
What is data governance in healthcare?
Data governance in healthcare prioritises data quality, security, privacy, interoperability and regulatory sensitivity. DekkoSecure helps achieve this through our secure collaboration service.
Which regulations do healthcare companies have to comply with?
Healthcare companies in the U.S. must adhere to HIPAA compliant file sharing (Health Insurance Portability and Accountability Act) for protecting patient information. Globally, regulations like GDPR (General Data Protection Regulation) in the EU also apply to protect personal data.
What’s the difference between electronic health records and electronic medical records and what kind of PHI do these records contain?
Electronic Health Records (EHRs) provide a comprehensive view of a patient’s health history and are accessible by multiple healthcare organizations, while Electronic Medical Records (EMRs) are digital versions of the paper charts in a single practitioner’s office. Both contain Personal Health Information (PHI) such as treatment plans, medical history, and personal identification details. Patient data protection is vital when PHI is considered.
What features should healthcare organizations look for when selecting a secure file sharing solution?
Healthcare organizations should seek secure file sharing solutions that offer end-to-end encryption, HIPAA compliance, audit trails, and secure access controls to protect sensitive patient data.