FAQ’s about ComplyFX™
Why does my business need a managed cyber security solution?
Small businesses are more exposed to cyber attacks than ever before with 70% of small and medium sized businesses having experienced a cyber attack. Hackers target SMB’s because their lack of adequate cybersecurity makes them easy targets. The right cybersecurity protection offers comprehensive threat protection. It is the best way to safeguard your devices and protect your clients, employees, and sensitive data against viruses and all sorts of malware such as ransomware, Trojan horses, spyware, adware, identity theft and more.
What devices are compatible with the ComplyFXTM platform?
The platform is compatible with Windows 10, 8.1, 8, and 7 desktops and laptops.
Why choose the ComplyFXTM platform for my NIST 800-171 compliance needs?
The ComplyFXTM platform was designed to meet the cyber security needs of small and medium-sized businesses. Cybersecurity is complicated, that is why we created a simple and easy-to-use platform to centralize your business security. Our platform is both affordable and flexible allowing you to pay once for the platform and then per HSM for your device management needs. Your business security should not be out of reach, and compliance should not be in the way of your day-to-day activity. The ComplyFXTM platform runs automatically in the background allowing you and your employees to work without interruption.
What kind of protection does the ComplyFXTM platform provide?
The ComplyFXTM platform provides complete cybersecurity protection. Our state-of-the-art technology protects your business from ransomware, malware, identity theft, phishing, malicious websites, camera and microphone hacking, and more.
What is an HSM (Hardware Security Module)?
- A secure dedicated hardware for storing cryptographic keys
- It can encrypt, decrypt, create, manage, and store digital keys
- Validated signature and authentication
- An HSM prioritizes safeguarding and the protection of sensitive data
Why do you need an HSM?
- From a purely technical perspective, an HSM is a very secure way to store cryptographic keys
- The hardware is physically protected
- You cannot break into it, and it detects and alerts you if something is wrong.
- If an HSM is stolen and gets switched off, the cryptographic keys can be automatically deleted from its memory
- Thus, it is a secure solution if you need to protect extremely sensitive information
What are the main benefits of using HSM?
- An HSM securely protects your cryptographic keys, but at the same time makes them easily accessible from your application and provides you with a high availability and performance of crypto operations.
- By using an HSM, you relieve your servers and applications as the key manager for encryption, and instead the encryption management is done via HSM hardware versus your server
Can’t you just encrypt and decrypt without using an HSM?
- Yes, you can, but usually the keys used for encryption are generated and stored in the same device as the encryption.
- This is rarely a good protection for these sensitive keys.
- If the key is accessible via the computer network, the probability of the key being found and stolen increases significantly.
- These keys can then be used to decrypt and steal sensitive data.
What security requirements exist for HSM’s?
- There are strict standards and certification processes for HSM units.
- There are specific security standards that the hardware itself must adhere to – FIPS-140 (Federal Information Processing Standards) is one of them.
- Using an HSM is a security stamp for your organization, and for those who evaluate your compliance with security standards
- Highlights that the company is taking information security and encryption seriously.
What kind of companies benefit most from using an HSM?
- Companies with good insight into IT security and a need to encrypt, sign or verify data
- Companies in all industries that handle extremely sensitive data need to securely store crypto keys
- HSM’s are a good solution for protecting encryption of personal data.