Des Moines | San Francisco | Washington, D.C.

Don't risk it... Trokt it!

Trokt Logo Clear.png

How Secure is Trokt?

Trokt protects legally sensitive communications across independent teams - which are now often occurring over email, text, or shared documents - by bringing everyone into one simple, secure, cloud-based platform.

Below are answers to questions on how Trokt protects user communication by focusing on both:

  • Industry Standard IT Security, and

  • World Leading Operational Security

IT Security

IT Security covers all of the features intended to only let the right people into Trokt, and keep the wrong people out.

All Trokt data is stored and applications deployed using industry leading Amazon Web Services. AWS supports “virtually any workload for over a million active customers in 190 countries” from start-ups, established companies, to public sector organizations. Using AWS means Trokt infrastructure benefits from:

  • Encryption in transit with TLS

  • Encrypted message queues for the transmission of sensitive data using server-side encryption (SSE)

  • Dedicated, hardware-based cryptographic key storage

  • Deep visibility AWS CloudTrail

  • Alert notifications through Amazon CloudWatch

All Trokt systems benefit from the FISMA compliant design and operation used to support its Federal customers. These design features include:

  • Category based information protection

  • Minimum baseline control selection

  • Risk-based procedural controls and refinement

  • Ongoing security controls and effectiveness monitoring
     

Trokt applications are built using Fail Safe strategies that require active authentication to enable any data or permission modification. These design features include:

  • SSL using RSA 2048 verification

  • Secure user identification verification

  • User password hashing

  • Databased misalignment rejection

  • Local/document-level permission control
     

Operational Security

Operational Security covers all the features intended to prevent an authorized user from accidentally releasing sensitive data.

Trokt requires two positive actions in order to change the visibility or status of any piece of data outside of a user's team. This design methodology means:

  • Encryption in transit with TLS

  • Encrypted message queues for the transmission of sensitive data using server-side encryption (SSE)

  • Dedicated, hardware-based cryptographic key storage

  • Deep visibility AWS CloudTrail

  • Alert notifications through Amazon CloudWatch

Picture Logo Image.png

Where is the Risk

Security is about reducing risk. Communication security requires the user to look at every point where privileged, private, or confidential information could be transferred, and reduce the opportunity that it is sent to the wrong place. 

Trokt knows, when it comes to communication security:

  • Mistakes are more common than theft,

  • We cannot eliminate data releases, yet

  • We must take economically reasonable steps that reduce errors.

To read more about what communication security means in a digital world, you can check out the latest paper by Trokt's Managing Director Chris Draper by clicking here.

The Real Standard is Risk

Assessing the appropriateness of a communication tool comes down to the risks posed by its use. It is impossible to prevent a data breach. Yet some communication tools are almost certain to cause a breach, where Trokt will not.

  • Trokt on YouTube
  • Trokt on Facebook
  • Trokt on Twitter
  • Trokt on LinkedIn