One of our biggest strengths here at Daston is helping businesses stay in compliance with strict government standards. For companies that handle items on the U.S. munitions list, extra security layers make it complicated, since every company in the supply chain that manufactures, designs, buys, sells, handles, or distributes munitions must be compliant with International Traffic in Arms Regulations (ITAR), at the risk of hefty fines.
New ITAR Rules
The U.S. State Department recently announced that it now allows sharing of unclassified defense-related data if the technical data is encrypted end-to-end, and if no cloud provider can possibly decrypt the data. This is fantastic news for Daston clients. Our security architecture includes ITAR-compliant end-to-end encryption, allowing us to offer an elegant solution to help your company comply with ITAR’s end-to-end encryption rule. As a result, your company can easily streamline internal data storage and sharing by moving unclassified defense-related data to the cloud.
The new ITAR guidelines also make it easier to comply with requirements when employees must access ITAR-restricted data while traveling internationally. Prior to the new ruling, employees had to apply for a special license to access ITAR data abroad. Now, they are no longer forced to file paperwork, making it easier for overseas employees to do their jobs.
Daston’s Email and Storage Solutions Meet ITAR Standards
With Daston’s email solution, data never is decrypted on a server; rather, it is encrypted and decrypted on a user’s device. Additionally, no cloud provider has access to network access codes, keys, or passwords that allow decryption because we don’t ever have access to user keys. Private keys only are stored on user devices.
Similarly, with Daston’s storage solution, only you and the people with whom you’ve shared files can decrypt them. Users can access files stored on our drive from any of their devices or share files with other users who have the appropriate access permissions.
In compliance with the new ITAR ruling, Daston’s servers store only encrypted data and can’t access keys to decrypt it. Our key management system eliminates key servers and the central points of attack they present. While competing encryption systems store decryption keys in a central key server, Daston’s solutions enable storage, sharing, and revocation of encrypted data from user devices.
Additionally, Daston’s solutions eliminate passwords, shutting down security risks from password-guessing attacks and phishing. Instead, we authenticate users via strong cryptographic keys that are automatically created and stored on devices.
Are you ready to stop worrying about ITAR compliance and focus more on other important tasks? Contact Daston for a free consultation today! Call 703-288-3200