About Us
KAPALYA empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application. This ubiquitous encryption solution protects all your corporate data by seamlessly encrypting files on:
- End-points computers/mobile devices.
- Corporate servers and public cloud providers.
- With KAPALYA, users have the ability to share encrypted files across multiple cloud platforms.
-
01
End-point Security
-
The encryption management platform creates a secure vault on user endpoints
where:
- A data classification engine scans the endpoint for sensitive files and prompts users to encrypt.
- All data within the vault is encrypted.
- Each file and folder is assigned a unique encryption key.
- No additional disk or storage space is taken up on the endpoint.
-
02
Public Cloud Security
-
The problem with using the encryption offered by public cloud vendors:
- Vendors will encrypt files at-rest on their cloud, however, files sitting on a user’s endpoint are left unencrypted and vulnerable to attacks.
- The cloud provider won’t protect your files on endpoints or private clouds.
- Most cloud providers control the encryption keys, making data visible to their cloud administrators.
- Some cloud providers allow customers to bring and manage their own keys. However, integrating with a cloud provider’s key management system requires programming which could result in time consuming efforts and if not configured properly, could expose the customer’s data.
- The Encryption Management Platform is cloud agnostic and uses client-side encryption so files and folders are encrypted before leaving the endpoint. While in-transit, files are double encrypted as they move through an SSL tunnel. Since the user controls the keys, your files are protected from eavesdropping by any third-party, including your cloud storage provider.
- A unique encryption key per file allows users to share protected files across cloud storage platforms and to other Encryption Management Platform users.
-
03
Private Cloud Security
-
KAPALYA creates a secure vault for each user on your private cloud as well,
to
allow file and folder protection within your network.
- Your internal corporate administrators do not have privileges to view end-user data.
- User’s credentials are not tied to the enterprise’s active directory.
-
04
Encryption Key Management
-
Key management done differently:
- One unique key for each file and folder Keys are served in real-time.
- Keys are never stored on endpoints, public clouds or private clouds Once a function is complete, the keys are destroyed.
- This approach allows for encrypted file sharing within and outside your network.
- When file sharing, only the unique key for that file is shared, not the keys to all your files.
-
05Data
Classification
- KAPALYA’s data classification engine scans 250+ file types for social security numbers, credit card numbers, state I.D.s and driver's’ license numbers. The engine is customizable to identify the sensitive data your organization handles.
- If confidential data is found sitting on endpoints, the platform will prompt users with a list of files, and options to preview, encrypt or delete. The frequency of scans can be on-demand or programmed to run at certain times or intervals and can be configured based on business needs.

Features
Data is encrypted in-transit and at-rest on endpoints, corporate servers and public clouds.
Out-of-the-box data classification engine scans over 250 file types for sensitive data.
Zero-knowledge encryption masks cloud and corporate admins visibility into your data and encryption keys.
A unique key for each file and folder provides ultimate data security.
Allows end-to-end encrypted file sharing across multiple public cloud platforms.
Eliminates the need of managing multiple vendors to secure your data at different points.
How it Works ?
Launch the app on your Windows or Mac computer and the Encryption Management System automatically scans for sensitive data.
Upload and encrypt any confidential data on endpoints (computers/mobile devices), corporate servers and/or public cloud providers.
Securely share your encrypted files, photos and videos through a public cloud provider.
Encryption is based on NSA Suite B Cryptography Standards using a FIPS 140-2 certified virtual key manager (vHSM).
Service Offerings
Managed Platform
Services managed and hosted by KAPALYA
- Configure Encryption Management System on multiple devices per user (PC/Mac, iOS & Android).
- Encrypted file sharing across multiple cloud providers (AWS/Box).
- Dashboard to view all user activities and registered devices.
- Unlimited unique encryption keys for each file and folder.
- Auto-detection and encryption of 250+ sensitive file types.
- Encryption support on private cloud storage (Windows, Linux).
- Biometric, pin and user ID/password authentication.
- Ability to provision users.
- 60-day file recovery.
- Version control.
- Multi-tenanted management and encryption key servers
- Email/Live Chat Support.
- Service delivered from AWS.
Customer Owned Platform
Services managed and hosted by customer
- Configure Encryption Management System on multiple devices per user (PC/Mac, iOS & Android).
- Encrypted file sharing across multiple cloud providers (AWS/Box).
- Dashboard to view all user activities and registered devices.
- Unlimited unique encryption keys for each file and folder.
- Auto-detection and encryption of 250+ sensitive file types.
- Encryption support on private cloud storage (Windows, Linux).
- Biometric, pin and user ID/password authentication.
- Ability to provision users.
- 60-day file recovery.
- Version control.
- Dedicated management and encryption key servers.
- 24/7 Tech support (Email, live chat and phone).
- Servers hosted either on AWS or on-prem inside customers data center.
- Masked public and private cloud admin visibility.
- Integration with your existing Active Directory forest.
- Point-to-Point IPsec VPN tunnel from customer prem to AWS.
- Professional services to assist in setup of dedicated instance on AWS or your private cloud.
- End-user and admin training.
- Batch end-user creation.
Kapalya's Differentiators
Cloud Key Management
KAPALYA’s Approach:
Manage your own encryption keys.
Other Vendor's:
Use cloud provider’s encryption keys.
File & Folder Encryption
KAPALYA’s Approach:
Unique key served per file and folder.
Other Vendor's:
One key served per user for all their files.
Key Storage
KAPALYA’s Approach:
Keys are served in real-time and destroyed after encrypting.
Other Vendor's:
Keys could be stored on endpoints or public clouds.
SSL Tunnel
KAPALYA’s Approach:
Files are sent encrypted and through an SSL tunnel.
Other Vendor's:
Files are sent in clear-text via an SSL tunnel.
Encryption
KAPALYA’s Approach:
Client-side - Files are encrypted on the endpoint before upload.
Other Vendor's:
Server-side - Files are encrypted after data is uploaded.
Proxy-Based
KAPALYA’s Approach:
Files are encrypted on the end-point, before upload.
Other Vendor's:
Files are in clear text on endpoints and encrypted only when leaving the corporate
perimeter.
Role-Based Policies
KAPALYA’s Approach:
Privileged users never have visibility into end-user data.
Other Vendor's:
Access to end user data is defined using role-based policies.
Privileged Cloud Admins
KAPALYA’s Approach:
Cloud admins are masked from viewing all data.
Other Vendor's:
Admins at public cloud providers have visibility into your corporate data.
WHO WE ARE
Executive Management
Sudesh Kumar
Founder & CEO
Saeed Khosravi
Co-Founder & CTO
Mohamed Menakbi
VP Sales & Marketing | EMEAEmanuele Cerroni
Director of Marketing and OperationsNixon Sebastian
Pre sales and Business DeveloperOmar Ben Hamadou
Sales ManagerZia Ismail
Customer SuccessNanci Piazza
Cryptography EngineerPulkit Gupta
Full Stack DeveloperImen Joubeli
Front-end DeveloperSarra Benamara
Mobile DeveloperWayne Lewandowski
Senior Cyber Security Sales LeaderDerek Tumulak
Chief Product OfficerSanthana Krishnasamy
Product Leader | Startup AdvisorSudesh Kumar
Saeed Khosravi
David Saber
Julio Polanco
Thanh Nguyen
Contact
Contact Us For More Informations
Location:
CALIFORNIA
1935A Addison St.
Berkeley, CA 94704
HAWAII
1050 Bishop St.
Honolulu, HI 96813
Email:
info@kapalya.com
Call:
+1 (808) 728-7508