Security is the priority

Access to information stored in the Digital Vault is reserved exclusively to authorized parties and in accordance with the defined rules, including m-of-n (M authorized users from a total universe of N users, where M<N) rules.

 

Trust and Credibility

Guarantee that the information stored in the Digital Vault is certified and is not changed/ violated.

Responsiveness and Performance

Guarantee that the process of saving information is instantaneous and does not interfere with responsiveness of the services to which it is connected.

Availability

Guarantee a service with 99.9% uptime availability.

Your information in security, and accessible

 

Inquire about how the mVault digital vault may allow your team to have permanent access to the information it needs, with the reassurance that it is kept in security!

  • Possibility of Dispute
  • Shared by two parties
  • Personal/Professional Vault
  • Credentials Storage
  • Digital Vault with Possibility of Dispute

    Ensure that all necessary information is always available and in security.

    Who needs mVault?

    If your company hires software development services to external suppliers, but, as it deals with critical information, it has the requirement to keep all the source code for security purposes, validation of the installed versions and prevention of the possibility of termination of supply, the mVault digital vault is the ideal solution.

    Suppliers sometimes:

    • Do not feel comfortable in delivering the source code, which creates conflicts between organizations
    • Do not deliver the correct versions of the source code, which may cause constraints in case of service failures.

    The mVault digital vault solution is based upon a Trusted Third Party, such as Multicert, which handles all the management process of accessing to a secure digital vault, where the code will be kept.

    How does it work?

    1. A key will be generated - divided into three parts – each part becoming the responsibility of each of the entities involved. Respectively:
      • Information Producer
      • Information consumer
      • Trusted Third Party (The Trusted Third Party can only act with agreement of the Information Producer and Information Consumer or in the absence of one of the parties.)
    2. You can only access the secure vault with the presentation of any two of the three (m-of-n) key parts.

    3. In case of attempting to access the secure vault with only a part of the keys, access will be denied.

  • Digital Vault shared by two parties

    Exchange sensitive information with all the security, with a limited set of partners. Know how

    Who needs mVault?

    Ideal for companies that need to exchange information which is sensitive and has restricted scope (feasibility studies for exploration of oil wells; Research on new pharmaceutical compounds; etc.), with internal and/or external partners.

     

    To prevent theft of sensitive and confidential documents, this mVault solution involves keeping this type of supports in a secure digital vault, accessible only by authorized parties:

    • Information Producers: They access the vault and keep encrypted information to the identified recipients
    • Information Consumers: They access the vault, validate the information integrity and its origin and decipher it

    How does it work?

    The solution is developed in three easy steps:

    1. Information producers and information consumers pre-register in the system and configure their digital vault, by choosing the authentication mode and the information exchange format.
    2. The information producers submit data
    3. Information consumers obtain the content
  • Personal/Professional Digital Vault

    Store sensitive and confidential information with all security!

    Who needs mVault?

    According to your area of activity, you could be more or less likely to:

    • Be a victim of information theft, for sale or misuse
    • Need to preserve the latest versions of the information delivered to clients

    To prevent theft of sensitive and confidential documents, this aspect of the mVault digital vault solution involves keeping this type of supports in a secure vault, with the possibility of controlling access and encrypting information.

    The solution has an initial, mandatory, step: generating a unique key for each user of the digital vault, in order to allow their authentication and access to the vault.

    Later, there may be two types of activity:

    • Depositing information in the vault - The user authenticates in the vault and deposits information, which is kept encrypted in the digital vault
    • Removing information from the vault - The user authenticates in the vault and removes information. This information only becomes comprehensible if it was he (or anyone within his group) who deposited it in the digital vault.
  • Credentials Storage

    Save the critical systems management credentials, reliably, with simplicity and low cost.

    Who needs mVault?

    To prevent the theft/loss of the access credentials to critical systems and enable their use in a practical and functional way, in accordance with best practices in Information Security, this mVault digital vault solution involves saving these contents in a secure vault, encrypted and with tight access restriction measures.

    How does it work?

    There are three possible ways to store credentials:

    1. Each of the holders keeps his credentials in the vault (by being deposited, it is automatically encrypted) and this can only be interpreted by its owner
    2. To prevent that a single user has full knowledge of a critical credential, it may be introduced in the vault in separate parts, being reconstituted - and kept encrypted - only within it (without being displayed to users). Later, only a set of preconfigured people in the vault will be able to recover the entire password through the implementation of an m-of-n mechanism.
    3. The credential is inserted in the credentials’ Digital Vault for access to critical systems and it may be raised/ used after authentication of m-of-n users.

Framework

 

Multicert’s mVault digital vault solution presents a set of attributes distinct from other possible alternatives, namely:

  • Safe

    National solution, hosting the Service in Secure Data Center with dedicated cryptographic hardware, in Portugal, including primary site and Disaster Recovery site;

  • Access control

    Access control and division of responsibilities in different Working Groups, made up of qualified teams with extensive experience in security issues, in Lisbon and Porto;

  • Segregation of roles

    Segregation of roles and responsibilities ensured procedurally and through hardware controls (m-of-n mechanisms);

  • Qualified technical resources

    Geographical proximity to clients of qualified technical resources from Multicert for quick resolution of any potential problems;

  • Trusted Third Party

    Operation as a Trusted Third Party ensured by Multicert or entity to be appointed by the parties (e.g. ASSOFT, Notary Services, Law Firms, etc.);

  • Easily Auditability

    Auditability of the solution by accrediting entities (e.g. GNS – Portuguese National Security Cabinet).