ACES Containerized Encryption Service is a ‘Zero Trust’ encryption-as-a-software solution. Built on NSA-Approved Commercial Level Encryption, CES utilizes a diverse feature set to ensure your data is encrypted, secured, and only accessible to devices you explicitly provision access to. Not only can CES users determine who has access to their data, and when and where they can access it, but they can also determine how long that access lasts. The data owner or user can decide to revoke or restrict the data even after it has been shared. CES offers you full control of your data with a comprehensive feature set, including the following capabilities: customizable data rights management (DRM), two-factor geofencing, time-based access windows, and the ability to recall and shred any information you send.

Data Rights Management houses features that allow you to determine who, when, where, and how your data can be used. You seamlessly build in the access rights to the containers you create before sharing them!

Access Revocation & Data Destruct

Access controls enable authors to manage access to their container, even after it has been shared. “Revoke” will retroactively remove access, while “Shred” will destroy the encryption keys permanently destroying the access to the container.

Authorized User List

Enables data authors to choose who they want to share their data with.

Revoke

Enables data authors to prevent all previously authorized users from accessing a secured container. Not available for Standard accounts.

Shred

Enables data authors to prevent all users, including the data author themselves from accessing a secured container. This option is permanent and destroys the encryption keys, thereby permanently removing access to the container. NOTE: THIS FEATURE IS NOT REVERSIBLE ONCE COMMITTED. Data cannot be recovered after performing the “Shred” action. Not available for Standard accounts.

DRM Settings for Standard Containers & E-mail Containers

Digital Rights Management (DRM) allow users to choose how recipients interact with their container even after it has been shared. Data owners can dictate the level of access users have to their container, and forever maintain that control using DRM Options.

Read-Only

Enables ALL Data-Rights Management Features.

Copy

Enables data authors to prevent authorized users from copying decrypted data. Preventing copying also prevents authorized users from printing and saving.

Print

Enables data authors to prevent authorized users from printing decrypted data. Preventing printing also prevents authorized users from saving.

Save

Enables data authors to prevent authorized users from saving decrypted data.

MS Outlook Add-In

Now you can seamlessly create and send containers directly from Outlook with the MS Outlook Add-In! Certain features are available only for the Add-In which further control the ways your data is shared!

“Forward” – Control E-mail Forwarding Ability

Enables data authors to prevent authorized users from forwarding decrypted data to others. Preventing forwarding also prevents authorized users from copying, printing, and saving. *Only available for Microsoft Outlook Add-in.

“Read Receipt” – Know When Your Container is Accessed

Enables data authors to be notified via email the first time an authorized user decrypts a secured container. *Only available for Microsoft Outlook Add-in.

Time-Based Access Control

Access Times

Enables data authors to manage when their data can be decrypted by authorized users. Not available for Standard accounts.

Start Time “Sunrise Time”

Enables data authors to prevent authorized users from decrypting data before a specific date and time.

End Time “Sunset Time”

Enables data authors to prevent authorized users from decrypting data after a specific date and time.

Contact Group Management

Lists for contacts and groups help data authors easily manage who has access to their data containers. This feature is only available for the Microsoft Outlook Add-in.

Contacts

The contact management section allows users to create, edit, and delete contacts.

Groups

The group management section allows users to place multiple contacts into groups, which make sending emails to multiple individuals much easier.

System Requirements

The minimum system requirements needed to run CES can be found below. For the best experience, we always recommend using the latest publicly available versions of each operating systems (OS).

DesktopWeb BrowsersDependenciesMobile
Windows 10+Chrome/Edge 89+Outlook for Windows (Required) TBD*
.NET Framework 4.6+Firefox 87+.NET Framework 4.6+ (Required)Android 8+
MacOS X 10.14+Safari 14.1+Outlook v13+ (Required)iOS 14+
* – Coming soon to the Microsoft Store, compatible with Windows Phones.

News

Demonstration of ACES Encryption as a Service Solution at DoDIIS 2021
Forescout Comply-To-Connect (C2C) Webinar
Forescout CounterACT 7 & 8.0 End of Life (EOL) Announcement
ACES Awarded DLA WMS Contract for SAP Support Services
All News

Tags

Tags

802.1X (2) Army (2) C2C (4) Class (1) CMMC (1) Comply to Connect (3) Contract Vehicle (3) CounterACT (9) Cyber (1) Cybersecurity (1) DoD (3) DoDIIS (1) Encryption (1) eyeControl (1) eyeInspect (1) eyeSight (1) FCSE (1) FedPoint (1) Forescout (32) Forescout Certified Engineer (1) FSCA (1) GSA (1) Integrity First (2) Leadership (2) MARCORSYSCOM (4) Marine Corps Systems Command (4) MCSC (4) MEDCOM (1) NACCR (1) NAVWAR (1) Navy (3) Network Access Control (1) OSD (2) Parent-Service (2) Penetration Testing (1) Pen Testing (1) RMF (1) SAP (3) Seaport (1) Solution (3) Testimonial (9) Training (2) Upgrade (2) USMC (6) Zero Trust (1)