Zero trust, zero disruption

Worldr stops breaches with no disruption to your existing Microsoft Teams platform or risk of data loss.

Understanding the problem, securing a solution

Data security doesn’t come down to which company has better protection - it comes down to who owns your own data. At Worldr, we believe you should be the only one who has access and control of the data you produce. To accomplish this, we build zero trust architectures on top of the most popular communication platforms so that your employees can use what they love without you losing your data sovereignty.

We’re seeing more and more headlines like this:

Microsoft tells US lawmakers cloud has changed the game on data privacy, gets 10 info demands a day from cops

The Register July 2021

Pentagon cancels $10bn cloud contract awarded to Microsoft

Financial Times July 2021

GCHQ warns businesses to urgently update their Microsoft email servers after suspected China hack

Sky News March 2021

Third-party organisations have access to everything you share.

For example, Microsoft must maintain a ‘back door’ to access your information so they don’t breach US regulations. It has been reported that Microsoft is presented with 7-10 secrecy orders per day from federal law enforcement.

More about Law

We allow the main database to be securely stored wherever the customer requires it.

This can be in any environment that you're currently utilising: cloud platform, on-premises hardware, data centre, virtual hosting, etc. The granularity of the deployment can also cater to any specific geography or jurisdiction of your choosing.

To mitigate the threat of an attacker accessing files of your database, Worldr uses a specific plugin to provide encryption. This plugin is implemented so when the database starts, the plugin requests the encryption key from an external resource. Typically, when the key is procured, the database proceeds to operate normally because it can decrypt its own files using the key. This means that the database is capable of gaining access to files when started, decreasing the effectiveness of the encryption.

Worldr removes this capability from the plugin. The database within our implementation is not independent and cannot be started on its own as it can no longer access the encryption key automatically. Instead, the database starts in a passive state and waits for the key to be submitted by our application server. Worldr manages the process of getting the key from a secure location and sharing it with the database to get started. All digital assets remain perfectly secure and can reside in any environment whether that be cloud or on-premise.

DatabaseStarts in a sealed state and requires multiple keys for unsealing. Stores all the secret keys for the system.
Admin keysC-suite management are provided with their own key (however many desired) of which a majority are needed to unseal Vault.
Application ServerAuthenticates with Vault and gets the DB key. Detects that the DB is listening for a key and passes it over.
VaultStarts in a sealed state and requires multiple keys for unsealing. Stores all the secret keys for the system.

Only your company can control and access your data.

No third parties, including Micorosft and Worldr, can access your company’s personal data. Worldr enables your company insured data isolation from the rest of the internet.

Kubernetes on‑prem single node

k3s kubernetes distribution is installed on an empty Linux machine and Worldr stack is deployed on top of it.

Prerequisites:
VM
DNS record pointing on this VM
Internet connection
Utilities used:
Curl
Bash
Helm (auto-provisioned)
Kubectl (auto-provisioned)
System requirements: Single node setup should be deployed on VM with minimum 4 vCPU’s and 16GB of ram + 50GB of disk space.

Kubernetes on‑prem multi node

k3s kubernetes distribution is installed on several empty Linux machines and Worldr stack is distributed between them.

Prerequisites:
Several VM
DNS record pointing on these VMs
Internet connection
Open firewall between nodes
Utilities used:
Curl
Bash
Helm (auto-provisioned)
Kubectl (auto-provisioned)
System requirements: Single node setup should be deployed on VM with minimum 4 vCPU’s and 16GB of ram + 50GB of disk space.

Additional components (e.g. Monitoring) can require addtional computing power under extensive load. Requirements mentioned above are suitable for small team size using Worldr.

Contact us
Have questions about our technology? Send us a message.
Contact us