tiCrypt Vault Overview
Store and share encrypted data within the tiCrypt Vault.
Overview
- Introduction to the three core components: Vault, Virtual Machines, and Administrator Tools.
- How end-to-end browser-based encryption protects sensitive data.
- File uploads, organization, and secure sharing with users and groups.
- Cryptographic isolation of groups and strict access separation.
- Project tagging and compliance-driven access controls for sensitive data.
- Secure external file intake using one-way Dropbox-style links.
- High-level overview of encrypted Virtual Machines for secure processing.
- Administrative governance, resource allocation, and private key escrow recovery.
Platform Overview
tiCrypt is a secure platform designed for organizations working with sensitive data, including Controlled Unclassified Information (CUI). The system consists of three tightly integrated components: the Vault, the Virtual Machines, and the Administrator Tools. Together, these components create a secure, end-to-end encrypted environment that supports NIST 800-171 and CMMC Level 2 requirements.
This demo focuses on the tiCrypt Vault, the secure storage and collaboration layer of the platform. In upcoming videos, we will explore how Virtual Machines extend this environment into secure processing and isolated compute workflows.
Vault: Secure File Storage
The tiCrypt Vault provides functionality similar to Google Drive, allowing users to upload, organize, and share files.
Unlike traditional cloud storage, encryption occurs in the browser before data reaches the server, ensuring backend systems cannot access file contents.
Users, Groups, and Cryptographic Isolation
The platform supports both individual users and cryptographically isolated groups.
Group isolation is enforced at the cryptographic level, ensuring strict segmentation required in regulated environments.
Secure File Sharing Controls
Files can be shared with users or groups with expiration and permission controls.
Project tagging enforces compliance policies such as restricting downloads of sensitive data.
CUI Protection and Endpoint Scope Reduction
Preventing CUI from reaching endpoints reduces compliance scope significantly.
tiCrypt enforces policies that keep sensitive data within the encrypted environment.
Secure One-Way Upload (Encrypted Dropbox)
External users can upload files via controlled links without accessing stored data.
This supports secure collaboration without expanding exposure.
Virtual Machines and Secure Processing
Virtual machines enable secure processing of sensitive workloads inside the enclave.
Access is provided via encrypted tunnels, ensuring isolation and protection.
Administrative Controls and Key Escrow
Administrators manage users, teams, and resources centrally.
Key escrow enables controlled recovery without breaking encryption guarantees.