Ransomware Protection

Platform
Automated Certificate Management With Ghesar SRL

Avoid costly outages with Ghesar’s certificate lifecycle management features. These capabilities are included with any deployment of the Ghesar.com platform.

Learn More

Use Cases
Solutions
Industry
Business Need
The Ghesar team has worked on the security needs of businesses of all sizes, from startups to Fortune 500 companies..
Services
At the core of Ghesar’s philosophy is the belief that securing business infrastructure and data should not hinder performance or interrupt day-to-day operations.

Services
Resources
Ghesar

Ghesar SRL is a leading cybersecurity vendor based in Moldova, Chisinau. We protect enterprise infrastructure without impeding the performance of existing business processes.
Resources
About Ghesar

Platform
Automated Certificate Management With Ghesar SRL

Avoid costly outages with Ghesar’s certificate lifecycle management features. These capabilities are included with any deployment of the Ghesar.com platform.

Learn More

Ghesar

Ghesar SRL is an integrated cybersecurity platform for the enterprise that supports a wide range of essential security functions.
Discover E-semnatura
Use Cases
Code Signing

TLS

SSH

Document Signing

S/MIME

Log File Protection

Secure Backup
Solutions
Industry
Software / SaaS

IoT Manufacturing

Banking & Finance

Legal

Insurance

Healthcare

Government
Business Need
Data Protection

Strong Authentication

Privileged Access Management

Secure Software Development

DevSecOps

Zero Trust Architecture

Ransomware Protection

Cloud Security

Email Security
The Ghesar team has worked on the security needs of businesses of all sizes, from startups to Fortune 500 companies.
Services
At the core of Ghesar’s philosophy is the belief that securing business infrastructure and data should not hinder performance or interrupt day-to-day operations.
Services
Public Key Infrastructure

Certificate Lifecycle Management

Digital Signature Deployment

Cryptographic Architecture

Secure Code Review
Resources
Ghesar

Ghesar SRL is a leading cybersecurity vendor based in Moldova, Chisinau. We protect enterprise infrastructure without impeding the performance of existing business processes.
Resources
Blog

Datasheets

E-Books

Recorded Demo Videos
About Ghesar
About Us

Partners

Privacy Policy

Contact Us

Request a Demo

+373 795 333 11

Ransomware attacks have become alarmingly common, and, unfortunately, experts predict that they will only become more frequent and more severe in the coming years.

E-semnatura provides cybersecurity protection against ransomware with a variety of security controls, including restricted access to sensitive data and decryption keys, granular access controls like multi-factor authentication (MFA) and device authentication, and support for digitally signing and timestamping backups.

Timestamp Data Prior To Encryption

Passwords often create vulnerabilities, as end-users often set weak passwords. Key-based authentication provides superior cybersecurity and should be implemented whenever possible. Store all cryptographic keys in a hardware security module (HSM) and restrict end-users to proxied key access via E-semnatura to enable seamless integrations with all clients and ensure the keys are never exported from the HSM.

Encrypt Data With Self-Managed KMS

Whenever possible, encrypt data at rest using a self-managed (i.e., on-premise) Key Management Service (KMS). This is especially important when the third-party is the one storing the data, as is the case with cloud providers. By encrypting the data before it is sent to the storage provider, you benefit from the storage provider’s scale without sacrificing the confidentiality or integrity of your own data.

Disable All Decryption Keys

By default, keep the private keys for decryption disabled. Since they are only needed when restoring backups and are therefore not needed frequently, you should only enable them when necessary and immediately disable them again after they are used. With E-semnatura, any cryptographic key can be disabled with a few clicks from the E-semnatura interface.

Enforce Granular Access Controls

Ensure that only authorized and authenticated end-users can use the decryption keys needed to access backups. E-semnatura supports granular access controls, such as multi-factor authentication (MFA), device authentication, and approval workflows, on a per-key or per-user basis.

Ransomware Protection With E-semnatura

With E-semnatura, all backups are digitally signed, cryptographically timestamped, and encrypted while the decryption keys remain secured in a certified hardware security module (HSM). Security policy can be established on a per-key or per-user basis from a single interface, and any cryptographic key can be disabled with a few clicks. Granular cybersecurity controls, such as multi-factor authentication (MFA), device authentication, approval workflows, and more, ensure that only authorized and authenticated end-users can access decryption keys and, thus, the encrypted data.

Timestamped Data Cryptographically timestamp backups and other databases to ensure the integrity of the data and to meet legal requirements.

Digitally Signed Backups Attach a digital signature to all backups and other databases in order to prevent third-parties from tampering with the data.

Protected Decryption Keys Encrypt all backups and store the decryption keys in a non-exportable state in a certified hardware security module (HSM).

Just-In-Time Access Leave decryption keys disabled until seconds before an authorized and authenticated end-user needs access.

Granular Access Controls Enforce granular access on decryption keys, including multi-factor authentication (MFA), device authentication, approval workflows, notifications, and more.

Easy Audits & Compliance Audits can easily be performed at any time. Compliance with data security regulations is drastically simplified.

Discover E-semnatura