Zunu Drive makes your laptops, mobile phones and tablets safer by encrypting the files you store on them. It also secures your cloud-based storage accounts like Google Drive, Dropbox, Box and OneDrive. It brings all your files together in a way that gives you Confidentiality, Control and Convenience.
Zunu Drive is the only product in the market that uses breakthrough Fully Homomorphic Encryption (FHE) technology to encrypt the content and metadata of files, and uses the industry standard AES-256 GCM to encrypt file bytes.
FHE lets you search over encrypted files and folders without decrypting them. Therefore, you can retrieve and work on files in an “Always Encrypted Paradigm”.
Zunu Drive uses zero-knowledge encryption which means that we identify you and verify your credentials when you log in without ever knowing your password. The same protocol is applied to the keys of the files.
Zunu Drive is a file encryption app that integrates with your current storage environment. Zunu Drive components include encrypted File blocks, Metadata inclusive of namespace, Content Index, and a Key Manager. The Encrypted Content Index indexes the file content and stores the data in an encrypted form. It allows users to browse and search through the encrypted content without requiring any decryption. The Key Manager is used for generating and storing keys for the files stored.
|File blocks||Each file is encrypted with a unique key and only the encrypted data is written to storage.|
|Metadata inclusive of Namespace||File identifiers and applicable attributes like filename, file type, and folder hierarchy.|
|Content Index||The encrypted Content Index for storing indexed content of files, Content Index is used for supporting "Search over Encrypted Text".|
|Key Manager||Used to store keys. All keys stored in the Key Manager are stored in an encrypted form.|
All files in Zunu Drive are encrypted by default. The user can choose if he wants to move or copy the file into Zunu Drive. We recommend moving the files as it will ensure there are no unsafe file copies on device.
When downloaded, any attachment in an email doesn’t get stored locally on the machine. It always remains inside the secure enclave of Zunu. This is how we provide end-to-end encryption. Confidentiality to emails on the device. So even if a machine is lost or credentials are compromised, data in the machine always remains safe and secured.
Currently, we store the index locally.
Zunu Drive solves inconsistent protection by using fully homomorphic techniques that allow users to search and work on encrypted data. It creates an encrypted file system to store your important files. It has extensive integration capabilities to extend confidentiality to wherever you store files.
Yes, Zunu Drive can be configured to work with existing authentication infrastructures like LDAP.
Zunu Drive REST API’s can be used to integrate with external services and build tools to work with other applications.
Yes, Zunu Drive runs as a microservice that can be self and remotely distributed using Borg or Kubernetes.
Yes, key rotation is possible. The keys get generated inside the Trusted Platform Module (TPM).
No changes are required in the current storage infrastructure. It can function as it is.
Yes, the organization has control over all the files of users in Zunu Drive. The admin in the organization can anytime revoke the recipient’s access. They can control how files are shared after the recipient receives them. They can set an expiration date to the access. They will know to who the file is being shared to.
No, Zunu Drive can be easily integrated with Google Drive, OneDrive, Box, Dropbox and other S3 and S3 compatible based storages. There is no need to shift.
Zunu Mail makes your current email systems more secure and fully end-to-end encrypted plus. All emails sent or receive in Zunu Mail are invisible to email service providers. They cannot read or access your emails. You can configure as many mail accounts as you want. Zunu Mail is a single interface to access all emails , eliminating the need to remember passwords . You can also exercise complete control over emails even after they are delivered to the recipient.
Zunu mail is an email app that integrates with your current email account. Zunu components include an encrypted Content Index and a Key Manager. An Encrypted Content Index indexes the emails and stores the data of the emails in an encrypted form. It allows users to browse and search through encrypted content without decryption. The Key Manager is used for storing keys for the emails communicated via the Email System.
|Content Index||An Encrypted Content Index for storing indexed content of emails, including metadata, body, and attachments. Content Index is used for supporting “Search over Encrypted Text.”|
|Key Manager||Used to store User Keys. All keys stored in the Key Manager are stored in an encrypted form.|
All emails sent through Zunu are encrypted by default. This means that the Zunu inbox includes encrypted mails. Gmail or Outlook inbox can include both encrypted and unencrypted emails. As not all emails are sensitive; therefore, we generally suggest the encryption of the sensitive emails. However, there is no harm in sending all emails in an encrypted form.
When downloaded, any attachment in an email doesn’t get stored locally on the machine. It always remains inside the secure enclave of Zunu. This is how we provide end-to-end encryption+. Confidentiality to emails on the device.So even if a machine is lost or credentials are compromised, data inside Zunu always remains safe and secured.
Yes, the organization still have complete control over the email sent. The admin in the organization can anytime revoke the recipients access on the email sent. They can control how emails are shared after recipient receives them. They can set an expiration date to view the attachments. They will know to who the email is being forwarded to. No email or attachment can be downloaded by the recipient in their machine.
Currently, we store the index locally
Current email service providers provide security of emails in transport and storage. They do not provide security and privacy when emails are processed. The content index reveals a lot of information about the content of the email. For example, GMail (free and the enterprise versions) has full access to the content of the emails, thereby leaking a lot of information about the user that uses their email system.
We cannot prevent Data leaks. We prevent the impact a data leak has on an organization. Data stored and processed inside zunu always is encrypted. So even if there is a data leak, there is no harm. Attacks attempting to steal data at the service side and malware and ransomware attacks are pointless. As data remains encrypted through the cycle at the Service Providers' end, no data breach will give way to any information. Each email inbox can be read-only by authorized users, and no other than authorized users have access to these email inboxes. Even the Service Provider will not have any access to the email inboxes.
Encrypted Keys are stored in the Key Management System. The keys used for email encryption are first encrypted and then stored.
No change needs to be made in the Email server software. It can function as it is.
No change needs to be made in the Email client software. It can function as it is and still be used for sending unencrypted emails.
Zunu mail can be easily integrated with Gmail and Outlook. There is no need to shift.
Yes, you can choose to go back to your earlier state any day you choose. Ziroh Labs also provides reverse migration tools that provide organizations with backup copies of emails in decrypted format. No data is lost during the reverse migration of the system.
The release cycle of the SDKs and the components is 90 days. In each release cycle, we bring in new techniques to improve performance, add new features, and fix any bugs in the existing features.