Enterprise keys

Enterprise keys are public-private key pairs in which the private key is split (”sharded”) between a that is hosted in an enterprise’s infrastructure and Confidencial’s cloud infrastructure. Using a CKS and enterprise keys offers , which means that the enterprise’s data is not compromised even if either the enterprise’s CKS or Confidencial’s servers are compromised - it would require the compromise of both infrastructures and the obtainment of encrypted documents for the data to be put at risk. When a CKS is used, Confidencial does not store any wholly-assembled private keys belonging to the enterprise. The public keys associated with these private keys are stored in , but these keys, by their nature, are intended to be widely distributed and their exposure poses no security risk.

⚠️ Content encrypted exclusively for members of an organization with a CKS is protected in an end-to-end secure manner. However, content that includes recipients with a Confidencial , while still secure, is not protected in the same way, as Confidencial individual accounts use or .