Have a question?

Extortion, espionage and information and identity theft is a global industry, run by cybercriminals, nation states and state actors who have vast resources and are highly motivated.

As the risks keep growing, it has never been more important to make sure that the way your employees share sensitive and PROTECTED information with others is absolutely secure and fully auditable.

DekkoSecure for Government and Law Enforcement is a zero-knowledge platform which means that no one, including DekkoSecure, can ever access your data at any time.

Every single file, document, message and video conference on DekkoSecure for Government and Law Enforcement is protected using multiple layers of end-to-end encryption and a unique key management protocol. This is the same level of encryption used in the highly-secret communication channels by military organisations.

Shared information can only be read by the sender and the receiver, no one else. Best of all, DekkoSecure for Government and Law Enforcement is fast and easy to use so teams can work at full speed while keeping critical information safe.

Yes. Our platform provides an immutable audit trail which means that the chain of events cannot be changed even if the documents and groups they are associated with are deleted.

DekkoSecure for Government and Law Enforcement can be implemented in a matter of minutes! As a cloud-based managed service, our platform is a turn-key solution that requires very little input from IT administrators or end-users to get up and running.

Typically, we assist clients by understanding their use cases, security assessment processes and conduct a trial before final activation. Following this the production system will be available immediately.

DekkoSecure for Government and Law Enforcement is a secure alternative to email communication, manual document handling or otherwise restrictive digital solutions. This takes form in an intuitive web application and efficient inter-organisation collaboration environment suitable for highly sensitive material, where geographical or technical limitations would otherwise stop, hinder or present unacceptable risk to an interaction.

No other platform offers the same level of military-grade security, simplicity of use and control. DekkoSecure for Government and Law Enforcement:

• transfers files of unlimited size easily and fast with a complete audit trail
• offers live editing, e-signature and video-conferencing features
• guarantees a fast and totally secure environment using end-to-end encryption that eliminates accidental misaddressing and reliance on USBs and hard copy files
• has a unique and totally transparent key management system built in which means encrypted information can’t be decoded
• is powerful and fast so teams can work at full speed while keeping critical information safe
• guarantees data sovereignty by storing data in the jurisdiction of your choice
• can be customised to fit any workflow and needs no technical support or installation
• doesn’t need tech support or installation.

Yes. Every message is individually encrypted, which further increases DekkoSecure for Government and Law Enforcement’s security by ensuring that even if one file was to be accessed maliciously, no other files would be compromised. Typically, encryption systems only apply one key to a set of files which creates a single-point-of-failure, which is especially high-risk if that key or password is sent over an unsecure channel such as SMS or email.

A minimum of three layers of encryption (ECC AES-256 for file, message and conference media encryption, SHA384 for signing, SSL-4096 for client communication) are used at all times, on:

• File names, file contents, the message subject
• Message contents and size
• Video conference topic, media and notes

Not even the creators of DekkoSecure and administrators of a system using DekkoSecure for Government and Law Enforcement can see users’ data. Every user’s password is itself encrypted, every document has its own key and there are no ‘back doors’ or master encryption keys.

All site communications are secured using HTTPS.

DekkoSecure does not utilise end-to-end encryption for metadata, as it is developed primarily as a business solution privacy tool - not an anonymity tool.

DekkoSecure for Government and Law Enforcement utilises the Microsoft Azure with triple data centre HA redundancy. All cloud infrastructure utilised by DekkoSecure in Australia is IRAP-PROTECTED assessed.

DekkoSecure has been IRAP PROTECTED assessed by Sekuro, penetration tested by Deloitte and claims tested by Enex TestLab. Check out our compliance page to learn more and request our reports!

Yes! For regular DekkoSecure accounts, two-factor authentication is performed using a time-based method that generates a unique code each time you log in. This means you can use apps like Microsoft Authenticator, Google Authenticator, or open-source alternatives to add an extra layer of security to your account. If your account uses Azure Active Directory (AAD) single sign-on (SSO), you can also use multi-factor authentication (MFA) during the login process to make sure your account complies with your organization's security policies.

Once you log out, any data left on your device is useless unless it is stored locally.

Accounts are secured by your password, which DekkoSecure does not (and can not) know. You can also enable two-factor authentication (2FA) to you account inorder to add an extra layer of security. SSO accounts a hybrid encrypted private key storage mechanism is employed to ensure security.

To authenticate users at sign up, we use a combination of public key cryptography and password-based authentication. When a user signs up, we prompt them to create a strong password, which we then encrypt using a one-way hashing algorithm. We store the resulting hash in our database, along with the user's public key. When the user attempts to log in, we prompt them to enter their password and encrypt it using the same one-way hashing algorithm. We then compare the resulting hash to the one stored in our database. If the two hashes match, we consider the user to be authenticated. This process protects the user's password from being transmitted in plaintext and from being easily retrieved if our database is compromised.

When data and accounts are deleted, the keys for all data subject to deletion are deleted. Following that, this encrypted data is overwritten with garbage data which is then deleted again. Once data has been deleted on DekkoSecure it is irretrievable.