tiCrypt

End-to-End Encrypted Compute Environments

tiCrypt is a product of Tera Insights and the University of Florida Research Computing. It is a single, fully integrated platform for regulated workloads designed to exceed NIST 800-171/CMMC Level 2 requirements.

NIST 800-171/CMMC Level 2 Compliant
NIST 800-172/CMMC Level 3 Ready
Tera Insights LogoUF Logo

Is tiCrypt a Good Fit for Your Organization?

A simple four-point check to help determine whether tiCrypt aligns with your compliance, infrastructure, and deployment needs.

Fit & alignment

Four Questions

1

Does your organization handle regulated workflows (e.g., NIST SP 800-171/172, CMMC Level 2 or 3, ITAR)?

2

Are your workflows dependent on software outside Microsoft 365 that cannot run in GCC High?

3

Does your organization have the scale and resources to operate an on-premises secure environment?

4

Is your organization based in the United States or Canada?

Alignment Score

0/4
Not a good fit
Estimated outcome
Not well aligned with tiCrypt

Begin by answering each question.The score indicates whether your organization aligns with the conditions tiCrypt is designed to support.

Answered
0/4
Positive
0/4
Contact UsSee Architecture

No responses are stored, logged, or transmitted. Processed locally within your session.

tiCrypt Core Features

Core features include a secure Vault for file storage and sharing, controlled access to virtual machines via RDP and terminal sessions, and integrated administrative tools for managing users, permissions, and system activity.

tiCrypt vault storage and sharing interface
Vault

Secure Storage & Sharing

tiCrypt Vault provides an end-to-end encrypted space for storing and organizing files and folders.

Files and folders can be shared across projects and groups with clear permissions, and data can be securely received from outside the enclave via controlled dropboxes or SFTP.

Control who can access and share files

Access

VM & Terminal Access

tiCrypt provides controlled access to secure environments through both terminal (SSH) and full desktop (RDP) interfaces, allowing users to interact with systems without exposing sensitive data outside the enclave.

Access to virtual machines and mounted drives can be securely shared, enabling collaborative use within groups. When explicitly permitted, virtual machines can also connect to one another, supporting complex workflows while preserving isolation, auditability, and strict access control boundaries.

Access without data exposure
tiCrypt VM logs part 1tiCrypt VM logs part 2
Logging

Full System Logging

tiCrypt provides administrators and authorized teams with complete, structured visibility across the entire system from the moment environments are created. Every action is recorded to support operational oversight, audit readiness, troubleshooting, and security review.

From access events to system-level and infrastructure behaviors, tiCrypt maintains a continuous, tamper-resistant history that ensures accountability and traceability for sensitive workloads from day one.

Built-in accountability from day one

Permissions

Granular Access Control

With 158 granular permissions, tiCrypt enables fine-grained control across users, projects, and system operations.

Organizations can combine permissions to enforce exact workflows aligned with their security requirements, operational structure, and compliance obligations.

Control exactly who can do what
Permission
tiCrypt permissions frame 1tiCrypt permissions frame 2tiCrypt permissions frame 3tiCrypt permissions frame 4tiCrypt permissions frame 5tiCrypt permissions frame 6tiCrypt permissions frame 7tiCrypt permissions frame 8tiCrypt permissions frame 9tiCrypt permissions frame 10tiCrypt permissions frame 11tiCrypt permissions frame 12tiCrypt permissions frame 13tiCrypt permissions frame 14tiCrypt permissions frame 15tiCrypt permissions frame 16

Compliance

SSP Coverage (NIST 800-171 / CMMC Level 2)

tiCrypt provides a complete SSP blueprint (110 controls). Approximately 84 controls are platform-enforced (including hybrid controls where tiCrypt enforces the technical component). The remaining ~26 controls are organizational and require customer-specific policy edits (e.g., PE, AT, PS, and policy-driven areas).

NIST 800-171110 Controls
tiCrypt Controls
84/110 Controls Covered
ACAUIASCSICMMP
Organizational Controls
26/110 Controls Covered
PEATPSIRCARAMA
Minimize compliance risk through platform-enforced controls

Management

Unified System Management

tiCrypt brings administrative controls, user management, projects, virtual machines, Slurm resources, escrow workflows, and system settings into a single, integrated control surface.

Each domain remains logically separated while managed through one unified interface.

Everything in one place - users, projects, VMs, Slurm, and system services
Users

Your Data Is Restricted. Your Workflows Shouldn't Be

One platform for encrypted storage, secure virtual machines, and CMMC/NIST compliant batch processing. Purpose-built for the most demanding security requirements without sacrificing the workflows you depend on.

End-to-End Encryption by Design

tiCrypt provides end-to-end encryption for file access, sharing, and processing, with a security model built on public-key cryptography.

  • Per-user cryptographic key pairs
  • Administrators cannot access user data
  • Private keys never leave the client
  • Secure key recovery with multi-party approval

What Our Customers Say About tiCrypt

"Our independent security review and penetration test of tiCrypt revealed an exceptionally strong, defense-in-depth architecture aligned with NIST SP 800-171. The platform incorporates non-default security design choices not commonly encountered in comparable systems. We were particularly impressed by the overall security architecture and the team’s responsiveness."
Guillermo Munoz, M.A., CISSP, CEH
Senior Information Security Architect, Harvard Medical School
"We have been working with Tera Insights for about a decade on building a computing environment for working with restricted data that is flexible, highly secure, and straightforward to manage. With constant feedback from researchers, the environment has matured to meet the demands of very complex workflows."
Erik Deumens, Ph.D.
Senior Director, UFIT Research Computing, University of Florida

Why tiCrypt?

tiCrypt is a single-stack solution designed for secure, compliance-ready data processing at scale.

tiCrypt vs Traditional In-House Solutions

A side-by-side comparison highlighting operational, security, and compliance differences.