Tresorit Student Discount

Posted : admin On 1/25/2022

Almost everyone needs a safe place for their documents and files.

There are so many Cloud storage software with different features that promise one main thing; to keep your files safe and give you access to them easily.

However, picking the right software for your team could be a little uneasy because of the many online storage software available. Here are a few cloud storage applications, with their features and flaws.

NonProfit Nation Blog. Why Nonprofits Are Choosing Zoom; 23 Tried and True Ways That Nonprofits Save Money; Why We Founded NonProfit Rate; Creative. Just installed Tresorit and am playing around with the free trial. It seems to work great, I just had one question. When I initially install the program it creates my Tresorit Drive for me, which is perfect. Inside the Tresorit Drive, though, is a 'Root Tensor' folder that.

  • This discount price represents a 49% savings on the monthly rate of $12.95 per month. 3 Months free coupon + 49% off here Note: You can see that all plans come with a 30 day risk-free trial, allowing you to cancel at any time.
  • Just out of limited beta, Tresorit is a new Dropbox alternative with client-side encryption. The company offers 5GB of free space, but for a limited time Lifehacker readers can grab 50GB free for life. Tresorit’s biggest selling point is the strong security. Your files and folders are encrypted before they’re uploaded to the cloud.
  • Nov 30, 2020 RCJAZ has introduced a special student discount for students in school. They know that students ’living expenses are provided by their parents, so the money available for consumption is very limited, but in order to make every student customer who likes RCJAZ not disappointed, student discount play a huge role.

1. Google Drive

Google Drive stores your files on the cloud and allows you to access them wherever you are. It also gives you access to editing software such as google docs, sheets, and slides. The most interesting feature about Google Drive is that it allows your friends to join you in editing a document simply by clicking the share button. With google drive, you can easily find your files by searching for the keyword or using the filter. You can also view any file of your choice such as HD video, adobe illustrator, photoshop, pdf, and lots more. Google Drive also allows you to keep as much as 15GB Disk Space for free and when the free space is exhausted, you can easily pay for more space at a reasonable amount.

Now that you know the key features; let’s talk about the cons of using google drive. Google Drive doesn’t integrate with other communication tools, so your data can only be sent within google applications. Unlike other storage software, google drive rarely allows different versions of the same file; so only the original version is maintained forever.

2. Media Fire

MediaFire is also a storage software that gives high speed in downloading and uploading of files. It is available on all devices like iPhones, Android, Windows, OSX, and Web. But unlike Google Drive, MediaFire gives only 10GB space for free. However, more space can be bought at a very reasonable price.

Media Fire has several drawbacks. It has low security and privacy; in other words, your files are not 100 percent safe with this software.

Your documents may also suffer a little because MediaFire deletes your data after left inactive for a certain time. Another drawback would be the amount of ads you’ll have to see when using the free version.


One thing for sure about this cloud storage software is that your files are made very secured and safe. MEGA cloud software encrypts your files, including the ones you share to ensure that all your files are as safe as possible. It also offers 50 GB free space; although, in reality, it’s just 15GB free space and 35 GB achievement quota space valid for only 30days after registration. MEGA also gives you bonus space when you get a friend to download and make use of the software.

However, MEGA lacks integration and editing features on files, it’s speed could also be slow sometimes and buying more space is a little expensive, compared to the others.

4. Dropbox

One of the best and second most popular storage software is Dropbox. Dropbox just like the others, store your files safely in the cloud. It also allows collaboration on documents, it has an online office and an application for note-taking. Dropbox, however, suffered a breach in security in 2012, making people a bit scared on the security strength. Dropbox is also fast and smart in synchronization. It gives only 2GB disk space on its free plan and it’s quite expensive to upgrade.

5. PCloud

Pcloud has the key ability to store your files in a remote location. It also syncs and shares them across all devices. This helps you avoid losing all your files due to a device malfunction. It is also known for its high speed in file synchronization.

Pcloud gives 10GB free space and allows payment for more space to be made in bitcoins as well as other payment methods.

The downside to Pcloud is its weak collaboration ability. Files cannot be edited with this software, so it serves only as a cloud external hard drive. One can also not guarantee the safety of this software, given that you’ll have to pay extra for private encryption.

6. One Drive

One Drive is a storage software created by Microsoft. Although with different names, One drive gives you access to office 365which entails Microsoft Word, Excel, Powerpoint and One Note. One Drive is good for work collaboration and has a speedy sync feature.

However, One Drive gives only 5GB storage space on its free plan, although it’s not as little as Dropbox, you may still have to upgrade to enjoy more space. There is also no zero-knowledge encryption., so it’s privacy may not be 100 percent.

7. Icloud

Icloud is created by Apple corporation and of course commonly used by Apple users. It gives a 5GB free plan and offers a reasonable price for an upgrade. Icloud is mostly used by apple users because it doesn’t work so well on Microsoft and Android devices.

Icloud speed in uploading or downloading files could be really slow and its sharing feature is still in its beta form. There is also no file versioning with Icloud, so you can only have one version of your files.

8. Box

For business owners and SME, Box has proven to be the best EFSS platform. It has an unlimited storage plan, great application integration on any device and strong security. Box offers Online Office and Google Docs with excellent user management. Box also gives 10GB free storage which can be upgraded at a reasonable price. However, there is no discount on paying annually.

The major shortcoming of using Box is the limit on a file upload. Box doesn’t allow the upload of a file higher than 5GB.

9. SpiderOak

SpiderOak is a very secured software to backup your files. It is mainly used on desktop systems, so it cannot be integrated on mobile devices. Like other storage software, spider oak keeps your files, documents, videos, and so on, in the cloud.

SpiderOak is mostly known for its excellent security, although 100 percent safety can never be fully assured, spider oak is still really safe. Spider oak is a fully paid for software, though it gives a whooping 250 GB free space, it is only valid for 21 days, after which you’ll have to pay a quite expensive price to continue usage. Unlike the others, Spider oak allows versioning, so you can have different versions of your files.

10. Tresorit

Tresorit is also one of the highly secured storage software. It has zero-knowledge encryption, secure file sharing, and a two-factor authentication. Tresorit gives only 3GB file space in its free version, and it is a bit expensive to upgrade. Tresorit also has the limitation of file size upload. The maximum size of a file that can be uploaded is just 500MB. Tresorit can only be linked to 4 devices and also deletes data when files conflict.

11. Egnyte

One of the best EFSS solutions for your business is Egynte. Egnyte is a cloud-based file management software that makes it easy for you in mobilizing your team, collaborating and giving you a more productive workforce. It has a fast blocking level synchronization and a very secure file sharing platform. Egynte also has the online office/ Google docs integration with a good third party library application.

Egynte, however, does not have a free plan, but its price is very reasonable. It also does not support Linux.

12. Storegate

Storegate offers quite several features as a backup and file sharing platform. It automates your backup, allows live synchronizing and file sharing even on social media. It also has a mobile app, making it easy to use on different devices. Storegate, however, does not have a full free plan and it’s a bit pricey. There is also no unlimited space feature so there will be no more space for your document after it reaches 1TB.

13. Safe sync

If you only need your files stored for a few months, then Safe Sync isn’t for you. Safe Sync lets you store your files safely in the cloud with a minimum of 1-year subscription plan (it has no free plan). Safe sync gives you easy access to your file, both online and offline, and enables file sharing features even on social media. Safe sync is also too pricey for the space it offers.

14. I-drive

I-drive has a lot of features such as Unlimited device backup, file-sharing capabilities, back-up on social media, android & IOS, and external drive back up. It also offers 5GB of free storage, with inexpensive upgrade plans. I-drive gives educators and students a 50% discount when you sign up through the education link. It however, does not have an unlimited backup plan, and has file versioning limit.

15. Jungle Disk

Jungle Disk is a fast cloud-based software with a strong security system. It has a server & network-attached storage backup, unlimited versioning, unlimited retention of deleted files and it is very affordable. However, Jungle disk can be very confusing to use, and has no image and continuous backup.

16. ADrive

ADrive is a cheap and flexible cloud storage software. It syncs or backs up any folder at a good speed and has SCP, SFTP, Rsync & WebDAV support.

For cloud storage, ADrive has a good number of disadvantages. When using this software, you should be ready to experience a lot of broken features. Its security is also not guaranteed, so privacy and security issues may arise. It also has poor application support and a terrible user interface.

17. Carbonite

Carbonite is very easy in using and gives unlimited backup for one device. It offers backup by file type and serves as an external hard drive. Carbonite also assures strong security and privacy. The major shortcoming to Carbonite is its slow speed in uploading and syncing files. Carbonite also has no monthly subscription, so all plans have to be bought yearly.

18. Icedrive

Icedrive is a new storage software with great speed and ease in usage. It offers 10GB storage space on its free plan and a private encryption for premium users.

Icedrive flaws include its rough privacy policy with no two-factor authentication. It also has no file versioning and block-level sync.

19. OpenDrive

If you need unlimited cloud storage at a reasonable price, OpenDrive is perfect for you. It has good backup capabilities, offers productive tools and collaboration. OpenDrive also has private encryption to protect your privacy.

However, the speed in synchronizing files is very slow and occasionally you could experience sync failures.

20. Amazon Cloud Drive

Amazon Cloud Drive has made a lot of improvements since its inception. Although it has no free plan, Amazon Cloud Drive offers good subscription plans and unlimited photo storage. It also syncs files speedily and gives you are good user experience. However, you can’t get productivity apps with it and its security isn’t 100 percent assured.


There are a lot of things to consider in choosing the right online storage software. The purpose of storing your files, the size of your files, collaboration features, price, upload size, speed, editing enablement, safety, and ease of usage.

But once you know exactly what you need the software to do for you or your team, it would become much easier to select your cloud storage application.

Author Profile

Carrotsuite is an ERP business management software that will help you completely digitize and automate your business so that you and your team can work + collaborate from anywhere.
Our vision as a business is to achieve & implement completely paperless offices in the nearest future.
  • 2019.09.2720 Online Storage Software
  • 2019.09.2350 Apps Every Business Owner Needs
  • 2019.08.186 things to digitize & automate in your Customer Service (CRM) Department
  • 2019.06.039 Detailed Reasons To Switch From Sage Accounting Software To Carrotsuite Business Software Today

The phrase ‘being hit by a cyberattack is no longer a question of ‘if’ but ‘when’’ has become more relevant than ever during the pandemic. As workers have migrated away from the office, organizations of all sizes have been forced to rethink their security measures to make them relevant outside of the office.

This has made the work of security experts like Laszlo Borsy, VP of Business Development at White Shark, all the more important. Recruited from a combination of Hungarian security agencies and US tech companies, White Shark’s goal is to revolutionize the way in which security services are brought to market and sold.

As Laszlo outlines, White Shark’s shift to a managed service model (complete with transparent pricing, ‘mobile first’ strategy and a homogeneous environment for threat detection) allows the team to keep track of every possible endpoint across all platforms and devices – and has been crucial to their success within the space.

See below for an overview what to expect from our in-person(!) recording session from Budapest:

  • A dismantling of the cybersecurity nerd stereotype (‘geniuses with very thick glasses’) and an outline of how White Shark delivers value to its clients
  • Some thrilling customer stories involving helicopters, industrial espionage and ransomware attacks
  • How security professionals track down system vulnerabilities and why a network of experts is crucial to this process
  • The groundbreaking process behind creating a homogeneous environment (or, as Paul describes it: ‘extending the security bubble beyond the on-premise’) to capture signals from the customer’s entire device portfolio
  • Why White Shark believes blending cybersecurity insurance into their offering will profoundly reshape both the security and insurance industry going forward

If you’ve enjoyed listening to this episode, check out our previous episode featuring parental control and monitoring software company Bark, and stay tuned for more under CTRL releases on Spotify. And… don’t forget to share your feedback and stay connected with all things Tresorit through our official Twitter and LinkedIn channels.

Paul: Hi everyone! Welcome to the 14th episode of 'under CTRL'. My name is Paul Bartlett, and on today's show is Laszlo Borsy, who is the Vice President of Business Development at White Shark. White Shark is a security-as-a-service provider that provides 24/7 endpoint protection. We will discuss why their groundbreaking security-as-a-service business model is a win-win situation for all types of enterprises. Hello Laszlo, welcome to the show!

Laszlo: Thank you very much! Welcome everyone!

Paul: It's good to have you here. And like I say, I'm really excited today to be able to have somebody in the studio with me, rather than on a Zoom call. So it's certainly a different experience here. So what we'd like to talk to you today is about the security aspect of things. And I'm going to hand it over to Laszlo, to talk about the company that he represents, and a little bit about himself. So, Laszlo, take it away!

Laszlo: Thank you! So... my background, you know, initially I started working in the security space in the United States when I was seventeen years old. I started at a company called Search Software America. And we were, with our systems, were doing financial fraud detection for large organizations, because we were using a dramatically more interesting search algorithms, than just text by text, exact matches for searches. And the- in the financial fraud detection, it was very important, because many people were just changing their data just slightly, so that they could appear as a different person. And the- they were using it for identity theft and other tricks. So even large banks and the FBI and the CIA were using our software systems for fraud detection. Then I was graduated from universities in the U.S. and worked for in the first line, the quieter state-of-the-art technology company, such as Banyan Systems, a state-of-the-art network operating system manufacturer, then Sun Microsystems, and later for the largest internet service provider in America, called America Online. So I ventured into the business world later and moved back into Europe. And that's where I met Sándor Fehér, who is the founder of White Hat, the IT security system services. And he told me about- he's found experience of White Hat and I- you know, even during our initial conversation, it really attracted my attention. And we ended up establishing a business relationship, and a work relationship together. So a few words about White Hat itself: You know, it's formed from the core members of a Hungarian national security agency. And they decided to quit their government posts, and founded the White Hat. The- about seven people. And initially, they were focusing on pre- and post-incident services, which they were very successful at, because that's what they were doing on an ongoing basis in their past.

Paul: Okay. That was interesting, to understand why they kind of saw a gap in the market. Is that why they- that they quit? And they decided to go with a new startup? And- because these are coming from pretty respectable organizations, right? So...

Laszlo: Definitely.

Paul: Yeah.

Laszlo: Definitely. Yes, they saw a market window, which later, after I joined, I shared the same identical vision. In fact, the IT security space is, I would say, in its infancy currently.

Paul: Right. Okay, so there was this kind of gap that everybody collectively recognized and said, 'Okay, we can serve that need there. Let's go out. Let's form a company.' Which is what you've done. And go from there.

Laszlo: That is correct. So once I joined, I, together with Sándor, I saw the need that, you know, attaining customers only on an incident-by-incident basis makes our business model very, very difficult. So we thought of the need to provide ongoing managed security services as well, so that we start having our customers realize for an ongoing need for a protection of their data assets and their values inside the- their corporate environment.

Paul: I see. So when you say 'the customers', what do those customers look like for you? When- are we talking about small- small or medium enterprises? Are we talking enterprise-scale? Or is it a broad spectrum of customers that you're- you've started to deal with?

Laszlo: We started to deal with large multinational companies. This is given, because the business cycles and the current space is not very educated about IT security. So the business cycles are long, the space is not very transparent, even from a pricing perspective, and- and the services offered in the market are not commoditized. So, you know, first the potential customers need to understand what it is that they would be getting. Even for an incident response case, they have to evaluate very carefully what it is that they would be receiving as a fixed free post-incident service. And it makes this very difficult. So this is why we decided to move forward and focus and dedicate some of our capital to developing White Shark, which is a managed- ongoing managed security service.


Paul: So let's talk about the gap. Okay? When you- we said- or you saw a gap, what gap did you see? Because we would assume that most large organizations have their own security teams, if not, it's outsourced - and they're pretty well protected. However, what we've seen over the years is that the likes of big organizations, like British Airways and various other organizations, have been hacked. So what part of the services do you provide? And maybe you can give me some examples with customer stories of what the problem was or- that they suffered from, and how you came into the picture to either prevent it or support, you know, the instant response.

Laszlo: Absolutely. So as you mentioned, only and even large organizations can afford proper, professional personnel that can size up and understand their IT security requirements. And even those large security- large organizations and enterprises that are protected via these professionals and software systems that they harness, they also get from time to time penetrated. So I will talk a little bit more about our vision and our, you know, focus in our product, and what we think is our unique selling point in our ongoing managed security services. But let me first, as you touched upon, let me talk about a couple of case studies, what we, you know, came about and what we sold for a couple of large organizations, enterprises, in the corporate world. So first, you know, in the early development phase of the company, we encountered a large pharmaceutical company that got penetrated and in a very sensitive time period, when they were actually establishing a key business relationship with a partner. And they immediately saw the need that they have to filter out, if in fact, this penetration and this incident was caused by this interested potential business partner, or it came completely from a different, completely irrelevant and independent source. So in this case, to be able to isolate different parts of their network and different parts of their systems, we even had to harness, you know, for quick movement, you know, between their eleven sites in different countries, we have to- we had to harness a helicopter, so that we can move between their sites, you know, to quickly and dynamically make sure that all those isolations are perfect and impenetrable.

Paul: Right. Okay. A helicopter to move between sites.


Laszlo: That's right.

Paul: That's a pretty good use ca- use story. So... yeah. So I mean- you considered that you had to move between these different sites, so you're talking about on-premises threats, are you? Or... in these large organizations or what kind of instance are we talking about?

Laszlo: We had to make sure that, you know, even physical access...

Paul: Right. only granted, you know, to the proper access levels, and so in those isolations, we- sometimes it requires - even in today's state-of-the-art digital world, it requires that we have physical presence in rare cases, such as in that case.

Paul: Right. I see. So when we think about security threats, so- there is also a physical element there as well, where sometimes that's overlooked, when we think about security, of course, where- I mean, I'm personally using swipe cards to get into the building, so we're talking about that kind of level of security, where you're using key cards to get into buildings and (inconclusive).

Laszlo: That's correct. Yeah.

Paul: Right, okay. Okay. So that's very interesting. And what other ones have you experienced with regards to some of the instances that you- that you've had to adjust-

Laszlo: So another interesting case: We had one large actor in the Central European, Western European energy sector.

Paul: Right.

Laszlo: And they encountered a- an incident where, you know, certain parts of their system, which is used to, you know, control and manage energy distribution, they became vulnerable. And we had to use our techniques of our incident response IR team to make sure that we completely isolate them from these adversaries and remove them from their systems.

Paul: Right. Okay. And is that top secret information, how you do that? Or can you give me a little bit more deeper explanation? In this like: What is it that you actually have to do to isolate them to protect them? What kind of steps and processes do you have to go through to do that, to make sure that they're safe?

Laszlo: Yeah, on a conceptual level, absolutely. I mean, initially, you know, we have to go layer by layer...

Paul: Right.

Laszlo: ...and analyze their systems. And we have to isolate the different system parts and see if there's a- they don't have the ability for any lateral movement inside their systems and network. And we have to make sure that there's no persistence that is established on multiple levels, so that even if you fixed, simply put, you know, one hole in the system, that they cannot exploit another.

Paul: Yeah.

Laszlo: So... in these cases, it's always very important to- that- to mathematically make a complete quick assessment of the customer's network and environments, and what components it has, what kind of different versions of the systems, what- each level of patches they install or didn't install. So, you know, this goes into more- deeper into understanding security in today's world. So many people think of IT security people as those geniuses with the very thick glasses that, you know, sit in front of their computers. But in fact, you never have the time, you know, at the time an incident happens on an atomic level, to try to solve the puzzle of one small component of a system. So it's more about being able to understand the tools available to you and available, you know, at the highest development level, to assess where these penetrations came from. You know, often we share- you know, we're members of several different communities in the IT security world, where we share information and patterns of attacks. So when we see these patterns between each other, then we right away- we can recognize, 'This is the pattern that these attackers use, so this must be that.' So that we start using the tools immediately available to us to fix these issues. So actually, it's not the geniuses with the thick glasses that, you know, have lots of time to fix a puzzle, it's really security experts with very deep connections in the world that actually can quickly bring solutions about.

Paul: Right. And- that's pretty interesting, that there's a community of good guys out there, and a community of bad guys. So you've got a big network, as you mentioned, where you share insights with each other, to try and solve security issues?

Laszlo: Certainly. So we are members of all the influential networks of security experts and the companies that act in the security world.

Paul: Fantastic. It's good to know we got some good guys out there, like yourselves, addressing these security issues. 'Cause we see lots of security incidents, and I think there's a lot more security incidents on the rise. Certainly, in more recent times. And I think we'll come onto that a little bit later, of c- what the current situation is. I wanted to ask you about the- basically, what is the biggest issue out there today? What's the biggest threat that you're seeing right now?

Laszlo: The biggest single threat that we identified lately, especially during this COVID epidemic, is the available penetration techniques that are out there for mobile devices.

Paul: Right. Okay. Can you tell me a bit more about the mobile device? 'Cause that's- everyone's got one, right? So everyone is using mobile devices, and certainly within the work environment as well, so what's the threats there? Is it- are they more vulnerable than, let's say, your laptop?

Laszlo: Certainly, because they're naturally connected, in more ways than the people that are using them realize, to the corporate environment. And so our managed security services' architecture is what we call a 'mobile first' strategy. That we're checking vulnerabilities and potential penetration holes inside the- you know, the mobile devices that are used to- for the workforce, to do certain tasks. But at the same time, you know, you know, you asked earlier, 'What do we see and what is the uniqueness? What do we see as a market window for our IT security services and our White Shark service product?' So- and I also mentioned earlier that during these few years of development, we realized that, given the business cycles and the difficulty in understanding, you know, a non-transparent security world of 'what is the need', we realized we have to simplify this environment. So we created White Shark, which is a homogeneous multi-platform and a transparent managed security service environment. So what do each of these different sexy words mean?

Paul: I wanted to ask you! Break that down for me.

Laszlo: So... so it's 'homogeneous', because we're not working in a disconnected service environment that- it- from one service- portal and service area, we can detect all the different threats that can penetrate a customer's network and device portfolio. So it works- and all these sensors that we put on mobile state-of-the-art devices or legacy PCs or macOS-based devices and server-based operating systems, and it all arrives in a homogeneous space, and then we can look at all the different flags and look at, you know, our playbook-based detections, and can react to different alerts that come into that system. So that's why it's homogeneous. In many, many environments, before we created this homogeneous environment, they have to look at several different tools and alerts from several different products, and make a conclusion from that. So that's why it's homogeneous.

Paul: Right.

Tresorit Student Discount Code

Laszlo: It's 'multi-platform', because we can establish our sensors and monitors into different kinds of operating systems and different hardware platforms. Why is it 'transparent'? So transparency comes from multiple different aspects. One, it's transparent because the cost of the different services that we provide, we make it completely transparent. You know, early on, when I started working in the security space, I was the one in the team that did a competitive analysis of what is the competition doing? You know? And are we at the right place at the right time, or not?

Paul: Yeah.

Laszlo: And surprisingly enough, even the main companies sometimes took two, three months to give me a price quote for the different security offerings. And in a small, in a medium business world, that's not- that's just not usable. Because they don't have the time to assess that information, wait for a price quote for two, three months, or even to establish a conversation with the sales team of that competitor of ours. So we made the pricing also completely transparent. Also, on a data level, we are transparent. So, you know, there's this issue of who can be the trustor of the trustees, you know?

Paul: Right.

Laszlo: That's a- in the security world, that's a very important argument and important concept. So we also make it to our customer, whether it's large, small, medium, SMB, that- how is the data being handled and who is the trustee of the trustors. And so... we are- we created this environment, and now we're well underway, working with Microsoft and this (inconclusive) of technology partners to even further simplify these steps. So that, you know, in an ideal world, we'd like to have a product just like Tresorit has...

Paul: Right.

Laszlo: ...that with one click, it installs everywhere. Whether it's a mobile environment, whether it's a legacy PC or a macOS environment, and with a few steps and a few configuration and accepting the terms and conditions and the charge model, you know, and how is the financial transactions in the system, in the trial model, being handled? Then immediately, can start protecting their environment. Currently, we are the industry leaders in- and we are the easiest to install and we are the easiest to understand what we're doing in the managed security services space. However, we even have a, you know, long way to go.

Paul: Yeah. So you're kind of a disruptor, really, to the existing business model? You've got a completely new business model, where- like us, we're a software-as-a-service, you're more like security-as-a-service, and you've put these things together, these elements, that you use.

Laszlo: In this aspect, IT security-as-a-service has been around.

Paul: Yeah.

Laszlo: But certainly, with all these additional aspects of how we're, you know, comforting and ensuring our customers that their data is protected, and that the trustees don't have access to their data, and how- if they do have access, the trustor of the trustees, in what level and how is it protected. Also, from a pricing perspective that- what are they paying for? So from all these- and the homogeneous environment, so they don't have to worry that two weeks later, somebody will tell them, 'Hey, you don't have protection for mobile, so why don't you buy this... buy that... ', and then they get confused, you know, that they have to run multiple environments. So from that aspect, it's definitely a paradigm shift in the space.

Paul: Right. Okay. I wanted- there's one thing that we were talking about earlier, before we started the podcast, which was really interesting for me, and I think we can expand on this is: What are we- what are you guys- or certainly Tresorit as well, what are we protecting from? I mean, we talk about protecting customers' data. And an interesting comment that came up was industrial espionage, or people wanted to take basically your ideas, your IP, whatever it is. Wanted to get in. I mean, we see a lot of ransomware attacks, and we see a lot of publicity around ransomware attacks. It's constantly in the news. Basically, people encrypting files or bringing down your system. But there are other things as well out there that people are not so aware of. Could you give me some information on that?

Laszlo: So... certainly. You know, those are very, you know, James-Bond-type stories.

Student discount uk

Paul: Yeah.

Laszlo: This industrial espionage, which we're also able to diffuse and isolate the adversaries on the network and the systems that they're trying to penetrate. You know, we had cases in the electronic (inconclusive) world and in different other spaces, which we managed to secure the environment for that particular industrial player. However, what we'd like to bring to the attention of all the listeners...

Paul: Yeah.

Laszlo:...that just like Tresorit is very useful to protect data and files on an atomic level, you know, even small medium business enterprises are in need for protection on a system, an operating system, and overall enterprise level. And that can be attained in a simple way, so they don't have to spend months and months on understanding the- you know, what they have to pay for, for the need that they're developing.

Paul: Yeah. Okay. So that, for example, if I'm a small legal firm, and I'm holding sensitive denta- data about my customers, my clients, or I'm an accountant, then something- your service is something that we should be considering and looking at?

Laszlo: Absolutely. And you don't have to spend six months understanding how much you're going to have to pay for that.

Paul: Yeah.

Laszlo: But we can quickly, transparently, you know, assess your environment and give you a quick and easy-to-understand way to protect your data. So it's- especially if, you know, legal firms. What you bring up is a perfect example, because they're handling- and they have third-party liability towards their clients, if they leak their sensitive data.

Paul: Right, okay. And are we- 'cause we have, of course, a lot of- probably there are some listeners out there as well that are from legal entities, who probably don't go that far with requiring additional security services.

Laszlo: Well, they don't even realize the need.

Paul: Exactly. Yeah. I speak to a lot of legal firms, and we sometimes struggle to present our solution to them and why they should be moving to Tresorit for end-to-end encryption services. But certainly, I agree with you that there are other things out there with- we always see, in the press and in the news, it's typically the big organizations that get attacked, because they make great headlines and great stories. But there's thousands of small companies out there that are vulnerable as well, or smaller companies out there that are vulnerable as well. And I'm sure in your experience that you're also helping these smaller companies take protection against.

Laszlo: Absolutely.

Paul: Yeah.

Laszlo: You know, to- even make it more formalized, you know. Our approach and the entry point into the space is in two ways: one is that, you know, simplifying the processes and the steps and the business cycles required that these SMBs and legal firms get protected via our services and products. Number two is using regulatory, especially in the way of insurance, using insurance as a way to incentivize them to acquire protection. Maybe even from a government regulatory perspective, just like GDPR was.

Paul: Right.

Laszlo: Because this way, you know, they can- twofolds, they can lower their premiums on the insurance that they take, and two, the insurance company can assess their risk and assess the premium required to protect, you know, the potential customer.

Paul: Right.

Laszlo: And it's great for the insurance world, because, you know, insurance is a... is what we like the security space to become, a commoditized space. And they are striving and in dire need for additional services that they can offer to their customers. Because, you know, the market is saturated and the- they do not have the ability to easily take away from the other market players. So it's easier for them to grow the market, as opposed to take from another player from the market. And IT security insurance is definitely one service which they- all the people that we talked to in the insurance world, they would love to develop, in a sophisticated way.

Paul: That's interesting. 'Cause I saw this on your web page, and I wanted to come and ask you about the liability insurance, the cybersecurity insurance, because it's something that Tresorit gets asked for frequently. Do we have it? Do we not have it? And I think there are a lot of companies out there, right now, that don't have it. And probably, it hasn't even crossed their mind. Or even, if it's a startup company, but especially in the field of where you're dealing with personal identifiable information, under the GDPR regulations, it's something that should be considered as a must-have, probably. And I suppose, correct me if I'm wrong, but the systems that you decide to use, the systems that you choose, could have an impact on that premium eventually. I mean, maybe it's not so mature yet, but the way things are developing and- around this particular product, that the- your choices that you make with regards to tools and services, will have an impact.

Laszlo: Absolutely. So, you know, I see a perfect metaphor between the health insurance world and the IT insurance world.

Paul: Yeah.

Laszlo: No- you know, for the insurance company, to assess the risk it's taking insuring a patient, first it would like to send the patient to a perfect check-up of all the body parts and all the different aspects of the person's health. And the- this is a, you know, exactly analog to penetration testing on a system or network that the insurance company would like to insure. So it could use security vendors such as us to assess that risk, and then later, it can provide a premium discount if they install our ongoing managed security services, so that it then further reduces their risk in providing insurance for this client.

Paul: And... I mean, a lot more stuff's moving to the cloud now, especially if we look at startups. They're not really procuring anything that's on-premise. They're getting a laptop, they're starting up their- going straight into a cloud service. So... is that something that should also be aware, from that perspective of IT security, choosing the right cloud services, in mind of (inconclusive).

Laszlo: Absolutely. Correct. So IT- you know, cloud-based services add an added level of dimension, you know, in the complexity of IT security.

Paul: Yeah.

Laszlo: And so they have to be separately assessed, of how well they're managing internal security, and then, you know, they have to be assessed when they're actually only used as a particular component of a system or an enterprise of what level of security they're adding to the mix.

Paul: Yeah, yeah. I wanted to go back to something you mentioned, and maybe we can expand on that a little bit, with the risks around mobile. Because we've all got them, and we all take them for granted. We use them every day. We download applications. And of course, there's a lot of data that's being exchanged constantly on them. What's the risk for a business? I think you mentioned to me that particular C-suite can be a target for mobile hacks and mobile devices. So I'd be curious to know where that vulnerability is, and how do you solve it?

Laszlo: So... so... we install, you know, several sensors, about 400+ different sensors that detect, you know, the different actions, both on a device level, and the kernel level that the phone is running of the operating system, and on the application level, you know, the collection of applications that the particular individual is running on that device. And we check different aspects of those applications and the system level as well. For example, you know, many applications leave the clipboard buffer, copy/paste buffer, vulnerable. And then, you know, if you can use the vulnerability of that application to move data in and out of the buffer, then, you know, completely unknowingly, they can be accessing that data and transferring out and having access to vulnerable, sensitive information, as an example. But that, you know, as you can imagine, 400+ sensors, how much information that is collecting from the particular device. And we're even going down to the hardware level now. We're- we partnered with Samsung, and became a developer partner of their Knox environment, which they actually installed hardware features into their phone for security purposes.

Paul: And I suppose my question would be around this is: there's been a lot of news about like Chinese manufacturers and being considered for 5G, various other things, devices... I mean, is there really a concern there, from your perspective? Is there something to be worried about? Or everything is just blown out of proportion. What's your feeling on that?

Laszlo: Absolutely not.

Paul: Alright.

Laszlo: The threat is that all of the manufacturers and creators of software, manufacturers of devices, you know, can put in functionalities and undocumented features into devices, which can, you know, send back information on a backchannel and collect data from the users. And, you know, given the complexity of these products, it's very difficult, you know, given in a time and space and financial assets available, to check how vulnerable these products are. So, you know, Europe and the US is leaning toward just not allowing them at all. So this is what, you know, particularly, you know, the case that we saw in the industry was Huawei.

Paul: Yeah.

Laszlo: That they're completely banned, you know, in different products for electricals, because they realized that they were putting in features which collected data undocumentedly and unknowingly to their users.

Paul: Right.

Laszlo: You know, I can tell you one interesting story that we came across in the company recently, that: We were helping a company which manufactures these entry devices that measure your temperature, your body temperature, and do some biometric checks, you know, during this COVID epidemic, and the device does some verifications. So we were the company to assess the security, given that this inexpensive device came from China, we had to take apart parts of the operating system and look at the- what this device does underneath the hood, outside the applications that are, you know, a company in Hungary was developing, you know, for the utilities on the device itself, for entry- COVID-protected entry into buildings and schools etc. in Hungary. So we realized, after a short while, that in fact, this device that looks so innocent, even though inexpensive, but it was collecting all the information and sending it back to an IP address to China.

Paul: Right. Okay. Yeah, so, I mean, is that- that's a form of espionage, I suppose. Whether it's at a state level or a private level, it doesn't rea- you know, inde- company level. It doesn't matter. That's the point I wanted to try and get to, is that there is- there are methods- these things are just not made up, or it's not, you know, just conspiracy theories. There are actually these things ongoing and happening. Yeah.

Laszlo: In fact, I would say that they're publicizing a lot less cases than they would have, you know, because they're trying to keep this at a manageable diplomatic level.

Paul: Yeah.

Laszlo: But it got blown out of proportion in many cases now. They're doing it, you know, in a blatant way.

Paul: Yeah. Yeah. Okay. Just, I think, what's- you mentioned the COVID situation. And I wanted to touch on that, because it's so relevant now. A lot of people working remotely. What's the challenges around that from an IT security perspective? If you've got an organization, an enterprise. Suddenly it finds all its workers were having to work remotely, or they've enforced that. So what's the challenges around that now?

Laszlo: Absolutely. So with this COVID epidemic, the industry, which was moving toward the zero-trust policy in IT security from a parameter security, it emphasized that effort then. And so the need for such services as White Shark is completely amplified, because they cannot have the ability to make sure that, you know, from remotely, that vulnerabilities don't happen on their network and systems.

Paul: Okay.

Laszlo: That they don't get exposed.


Paul: Yeah. So, I mean, on a typical day, working from home, they are- we're signing in with VPNs, a lot of companies using VPNs right now. What other security measures will we be looking out for? Or should IT security teams be looking out for? When we're working remotely. Or even the employees should be conscious of the fact that they're working remotely. I mean, recently, at Tresorit, we did, I think, some kind of exam or test around the things that we should be doing when we're working remotely from home. So what's your insights on that?

Laszlo: So... you know, in these new environments, or new cases of work environments, where a lot of people are working in so-to-speak 'home offices', then many times, you end up mixing in devices into the work environment, which the company did not provide.

Paul: Yeah.

Laszlo: This is so-called the 'bring your own device' access model. And this is the access model, which, you know, the type of security services such as White Shark can easily get installed on, and it establishes the sensors required to detect the threats that are potentially there, you know, to access data assets and other assets in an enterprise environment. So it's very important that we can seamlessly install and get installed on even devices outside of the corporate environment. Given that we're in a homogeneous, in a multi-platform environment. And this is quite seamless.

Paul: Right.

Laszlo: You only need the- you know, the user of that device would just need to give one consent that we can install, and after that it's seamless.

Paul: Right. Okay. And so you're basically extending the security bubble beyond the on-premise to these environments, with these homogeneous solution of yours?

Laszlo: Absolutely.

Paul: Okay. I think there's now another thing that I'd like to ask you about, because it's- and I mentioned it before, earlier in the podcast - about these ransomware attacks. Okay? Because I just see so much of it going on. And probably, as you mentioned, there's a lot more going on that we're not even aware of. It's just a few of them get into the news. Especially, it seems to be recently that universities are being targeted. Especially back at home, in the UK. I see that there's a couple of universities that have had breaches. My- one of the companies that I used to work for, British Airways, they've just obviously got fined as well, for having a breach. I mean, is it really a minefield out there right now? Is it that there are just so many attacks that security professionals cannot keep up, and a service like yours can help? Is- what do you see- yeah.

Laszlo: A service like ours can help to prevent such ransomware attacks.

Paul: Yeah.

Laszlo: But, you know, the ransomware attack industry is in such a way that, while there are companies out there that pretend that they can, you know, handle the post-incident and fix data, you know, the solution and the unlock keys available to most of the fresh ransomware attacks are not available to any IT security professional. So the industry works in a way that you have to pay attention to the prevention, because post-incident, you get blackmailed into providing Bitcoin or some kind of financial instrument, and then, instead of unlocking your data, they ask you again to pay in Bitcoin or some kind of other way. So the best way is using a service like White Shark, to actually avoid getting hit by a ransomware attack. Because old ransomware attacks, there are unlock keys for, and there are available methods to unlock your data, but, you know, last- the ones that they created in the last six months to a year, they're usually- there's no solutions for.


Paul: Yeah.

Laszlo: So you get stuck in a blackmail environment.

Paul: Yeah. No, and I think what I saw from this particular case, with the universities... I mean, the systems were offline for a considerable amount of time, which caused a lot of chaos for the students, of course, for the staff as well. By not having some kind of incident plan or recovery plan. I could clearly see from the article that this is the case. And this is what's being reported. Of course, we don't know what the situation is. And we think about these large organizations... but you would probably agree that it's also happening a lot at lower level as well? Okay, so it's not just these-

Laszlo: Absolutely. It's just not being publicized.

Paul: Yeah.

Laszlo: Although we have many cases where, for example, a friend of mine used to be in charge of Nokia in Hungary, his sister in Florida is working in a- the largest dental clinic, and all of their data got, you know, encrypted via ransomware. And they called us too late into that incident, so we established, you know, White Shark for their protection.

Paul: Yeah.

Laszlo: For ongoing, you know, future threats. But, for example, that- in that particular case, the unlock keys are not available for that particular ransomware that they got hit with. So they are stuck at the time. Because if they pay then they keep asking them to pay. So I advise to a lot of these small medium enterprises to install protection, install a security service. Otherwise, sooner or later, they're going to get attacked by one of these.

Tresorit Student Discount

Paul: Yeah. Yeah. It's very much a case of prevention, because it's the typical old mindset - and I know that I, over time, have grown up with that, 'It's never going to happen to me. We're too small. Why would it happen to me?' But then suddenly, something does happen, and there's literally only one way out, which is either to pay, or just shut down your systems, and causing a lot of chaos as well. Okay, and I think, as we wrap up- we're going to start wrapping up now. I wanted to get your views around what's the future looking like for White Shark? But, I mean, also from the industry as well. And one question that comes up, which I've been reading a lot about lately, is: Is there a shortage of professionals within the IT security sector? I've been seeing this a lot, that there's a big demand for IT specialists. Is it a skill set that's missing? Or is it just people wanted to come into the industry? What do you see?

Laszlo: There is no shortage of talent and no shortage of people with the proper skill set. And on what I call a- maybe it's only my terminology, an atomic level. So if you ask somebody to- here's that pacemaker, and dissect it and look at how the software is running and what kind of techniques can be used to penetrate it... there's no shortage in that- in the world, in my view and my experience. What there is a shortage of is IT professionals which understand the overall complexities of how to handle this complex environment. When they have to understand different abstraction layers and different system components. So... and- so, you know, when you grow up, what is sexy in your view? When you're in the IT world, it's always how to be a hacker, how to be an attacker. So actually, we have realized over the years that, you know, we have to train people on a- in a- how you defend against these. So we have very sophisticated training courses, and they focus on defensive skills. And we realize that there's many, many good people that we can find with talent, and then we have to train them to attain these defensive skill sets in the IT security world, which- it's in a more comprehensive way that they can diffuse attacks. You know, but the good news is, you know, there is a saying in America that 'Garbage in, garbage out.' So, here the input is very good. So the people that we put through these courses are very good. So the output is very good as well, usually.

Paul: Right, okay. And what about people that want to come into the sector? Maybe from university or maybe somebody right now, who is looking for a career change, because of what's happening due to the COVID situation, thinks that somewhere like IT security would be, you know, a long and a regressive career. What advice or what do you see- what insight could you give and share with them?

Laszlo: We're having several, you know, different courses and in cooperation with universities, so that they can engage in one of these courses, and in a few month course, they can get, you know, all the tools and the knowledge and know-how to become one of these adverse IT professionals.

Paul: Yeah. Okay. And I think, finally then, just what about the future then, for yourselves, as an organization, and the industry as well? I mean, I think, recently, there's a massive demand out there for your kind of services, as we see. But what do you see going forward?

Laszlo: I definitely see that we're going to have a very high market penetration for White Shark, and in a simplified environment. And maybe even going towards the freemium business model, where in a mobile first freemium business model, that will let people realize their vulnerabilities with a free application on their mobile, and then they can expand that into their corporate environment.

Paul: Okay. Interesting stuff. So it's mainly, again, with the trend that we're seeing and the trend that you're following as well, is mobile, yeah?

Laszlo: Mobile first.

Paul: Yeah, mobile first. Okay, Laszlo, it's been really, really good to talk to you! I think you brought some amazing insights and stories with it, with yourself. I wish you the best of luck with White Shark. I really think it's a service that's- could benefit a lot of organizations. And organizations certainly need to take IT security seriously. Really happy to have had the chance to have you here in the studio in person! And all the best!

Laszlo: Thank you so much for the opportunity! In the name of the White Hat team as well. It's been great!

Paul: No problem. Thanks a lot! Okay, thank you very much.

Laszlo: Thank you!

Tresorit Student Discount Program

Paul: Bye, bye! And that is all for today's episode of 'under CTRL'. You can find links to all our social platforms and to our guest in the episode description. If you like the show, make sure you subscribe and leave a review. Join me again in two weeks' time for the next episode.