DigitalConfetti™ is an unstructured composition of data (of any kind). STASH encrypts your files using AES 256 bit technology and then slices your data into smaller pieces before sending multiple duplicate copies to a number of different datacentres (that will also segment the encrypted file pieces within their own facilities).
There are at minimum, 3 accessible copies of your data at any given time, stored with different cloud storage providers or other locations. If the primary location becomes unavailable, STASH will automatically retrieve one of the other accessible copies from a different cloud storage provider or location. Storage of any number of copies may be available for extra charge – speak to your account representative for details.
This is a proprietary secure data management system, not an out-of-the-box solution. It's as if your data is on another planet that no one else knows is there. We utilize the most state-of-the-art physical and virtual methods and technology in existence. Even if someone has access to the storage locations, all they will see is DigitalConfetti™, small pieces of encrypted files. An attacker would have to find all the pieces, reassemble them in order, and then break the encryption on the file to get access to your data. This is as secure as can be.
STASH is a solution that protects your data like no other product. Traditional security vendors sell 'tools' that are used to build fences, walls, traps etc. - but once breached do nothing to protect your data. STASH works with your existing security infrastructure to protect the data itself.
No – STASH uses a web browser-based interface that will be familiar to anyone that has ever saved a file, the difference is your data is a) encrypted and b) dispersed at the time you save the file. STASH offers a SAAS version for easy implementation, ready to use in 5 minutes. API and Backup implementations that operate in the background, with no impact on existing work practices, processes, or procedures will take a bit longer. STASH will activate custom implementations, deploying a dedicated server in our datacentres or yours, should you need it.
Your files remain encrypted and segmented for the entire time you choose to store them with STASH. Anyone with access to the storage locations will only see DigitalConfetti™. Only you will be able to access and decrypt your data.
There is a small overhead, this will equate to less than 10% of the time taken to currently save and retrieve data in your environment.
No – your data can be saved to a storage facility, region, or country of your choice. Alternatively, we can install a STASH Gateway Server on your network so your files are encrypted and dispersed, within your infrastructure. All of the features and functions of the STASH solution are included if you exercise this choice.
STASH also writes to online cloud storage providers or local storage devices. Custom integrations are available for more complex requirements.
Yes – you can choose to have your data stored in a specified country, geographic location, or with a certain cloud storage provider.
Data remains protected by STASH for as long as you maintain your account with us. For instance, the STASH Hibernate solution is architected for industries (such as Financial & Life Sciences) that are required to store data for many years. STASH Hibernate updates and maintains your information in a readable format, ensuring it can be retrieved decades after it is archived. Hibernate uses Blu-Ray technology to retain one physical copy of your data, in addition to multiple other copies in cloud storage, and/or local storage, ensuring your data is always accessible.
The fee is paid, in advance, on an annual, quarterly or monthly basis. The contract period is for a minimum of 12 months.
If any additional storage capacity is required (over and above the amount already included within your service description) these costs will be billed the month following.
We use TLS/SSL to ensure data in transit is protected before reaching our gateway, where it is then encrypted using AES 256 bit algorithms and sliced into pieces.
STASH is an unstructured data solution only. We do work with Exchange and Oracle databases - but only archive or backup copies of the files themselves, we do not interact with data in databases directly. For example, if you create an archive or export copy of an Exchange/Oracle/Microsoft SQL/MySQL database, that file can be uploaded and stored with STASH.
No - all the transformative routines, AES encryption/decryption, slicing/gluing, and the decision-making around storage locations is done on the STASH gateway server.
STASH is entirely web-based; we do not have any end user software requirements other than a standard web browser.
Yes – through a mobile browser just like on desktop or laptops.
If you can create a file, STASH can store it. There are no restrictions on file types. There is a maximum single file size of 2TB, though you can upload as many 2TB files as you wish.
File encryption and decryption keys are generated when they are needed, and destroyed immediately after use. This means that the keys aren't sitting somewhere they can be compromised or stolen, unlike most other encryption systems, even those using high security hardware modules.
STASH is not a replacement for other data management and security tools. It is the core of your data security strategy – the most impactful piece of the puzzle. Security experts all agree that a broad and deep approach (defense-in-depth) is the best protection plan for any company, and that if you're serious about protecting valuable data, a datacentric element is key. STASH security stays with the data itself. It's not the amateurs it protects against. It's the experts. The ones that are getting in, no matter what.
In short, it doesn't matter – because we only store small pieces of an encrypted file in our storage locations regardless of location. However, our public cloud storage provider buckets are marked as private and are not accessible except through the STASH gateway server.
STASH can use private cloud storage locations, or local storage location too if a public cloud is not a viable location for you.