Breaches involving compromised secrets
Verizon 2023 Data Breach Investigations Report
IBM Cost of a Data Breach Report 2023
The average cost of a data breach reached a new high in 2023, up 15.3% from $3.86 million in 2020. Unfortunately, it's showing no signs of slowing down either.
SplitSec uses multi-party cryptography to split your secrets across a number of people or devices that you choose. Meaning if one gets lost or hacked, your secrets are still safe.
Scroll down to see how it works.
By distributing access to secrets across multiple people and factors, the compromise of a single fragment does not compromise the secret itself.
Losing one or more fragments does not mean the loss of a secret. In fact, you can configure how many redundant fragments you want to create, to avoid disaster.
Enables secret retrieval within seconds, rather than the hours or days of legacy solutions. Supporting those middle-of-the-night worst-case scenarios for your Ops teams.
Decide what risks are most important to you, and configure your secret protection to match. Take action as the risk position changes or threats emerge.
A cloud-based software solution is quick to deploy and is massively more cost effective than physical security measures or legacy software solutions.
The solution will scale to integrate with your software stack, be located where you require it, offer policies to control it, and meet regulatory requirements.
You probably already have somewhere you squirrel away your most secret of secrets.
But are you aware of their risks and limitations?
Using a password manager is great for your day-to-day passwords. It’s fast, available on almost any device, and accessible with a single password. Like a bank account that you can use anywhere, just by typing in your card number.
But you unlock a password manager on each of those devices. On the same devices you use to browse the internet. Protected by a single password that’s vulnerable to someone looking over your shoulder, or being watched by malware.
Unlike a traditional password manager, SplitSec uses multi-party cryptography to split your secrets across a number of people or devices that you choose. Meaning if one gets hacked, your secrets are still safe.
The traditional way to store master secrets is in a safe. But storing secrets this way gets expensive quickly. Having a safe is one thing, but how do you know if someone has secretly accessed it? Or there’s a fire? Or the key is stolen?
Big companies put their safes in a secure room, with someone monitoring the CCTV and changing access codes, and duplicate everything to a second location in case of disaster. It's surprisingly expensive, and slow to access or update the secrets within.
Like a physical safe, SplitSec uses industrial strength security to keep your secrets safe, but at a fraction of the cost. It's also faster to access when you need it the most, and is not restricted to a physical location.
Using a trusted 3rd party, such as a lawyer, to keep your secrets safe is a common method used in medium-sized organisations. They can often be trusted to execute a retrieval process as you’ve defined it, once your criteria have been met.
But how can you ensure they’re equipped to deal with the safeguarding of such secrets? What’s more, if something happens to your services in the middle of the night, will such 3rd parties jump out of bed as quickly as your support team?
With SplitSec, you define your access criteria, and we enforce them. Our servers never sleep, and are ready when you are. You can also delegate access across multiple teams or managers, to ensure a single employee can't go rogue.
Enterprise Privileged Access Management is like a password manager on steroids. Great for day-to-day secrets, but it means all your eggs are in a single basket. It's always possible for a rogue admin to scoop up the secrets, and go on the run.
Not only that, they're really expensive and hard to maintain. Many features remain unused because they're simply too complex to configure. Also, where do you put the secrets that underpin your PAM solution?
SplitSec uses multi-party cryptography to split your secrets across a number of people or devices that you choose, to achieve zero-knowledge, and multi-party approval. It's easy to configure, and at a fraction of the cost.
Hardware Security Modules are specialised servers for storing and managing cryptographic keys. With private keys, they're designed to allow the key in, but never let it out. Instead, your encryption or signing is performed within the HSM.
However, HSMs often get misused by storing secrets that can't be operated on within the HSM. They're expensive, and complicated to operate. Using them for regular secrets means more access, and more opportunities to make a mistake.
SplitSec is far more cost effective, and much easier to use. Management tasks don't risk wiping out your secrets by mistake, and you have far more control over who can access what, when and where using easy-to-manage policies.
Right now, we're busy building. But we'd love to hear from you.
Whether you want to use it, have an idea for the product, want to join us, or want to invest.