Glossary

Galaxkey: Galaxkey is a cloud-based content security platform designed and developed on a secured-identity based model.

Corporate Cloud Mode: In this mode, the Galaxkey solution does not require additional hardware or software infrastructure onsite. Private and Public keys are stored on the Galaxkey Cloud Servers.

Corporate Hybrid Mode:  In this mode, the Private keys are stored locally within the organisational premises on a Galaxkey Hybrid Server which can be a physical or virtual solution running on Microsoft Windows Server 2008 R2 and above. The public keys are stored on  the Galaxkey Cloud Servers.

Corporate Private Mode:  In this mode, both Private and Public Key Stores are stored on premises.

Identity (Secure Identity): Galaxkey creates a security identity for all registered users linked to the individual's email address. This identity is stored by Galaxkey in the cloud and is accessible via any Galaxkey-enabled client on proper authorisation and authentication.  Individual Users secure their identity by setting up their own unique credentials whereas the administrators of Corporate Users have full control of those users' identities.  A user can have multiple identities: e.g. for work and personal email addresses. Every identity has a unique pair of Public and Private Keys.

Public Keys: The key accessible over the internet which is used to encrypt a document (an email/file)

Private Keys: The unique key used by a recipient to decrypt a document (an email/file). The private keys are locked with passwords. Galaxkey never stores any passwords.

Invite: The Galaxkey invite is a formal email sent by the a Galaxkey user to a mail recipient who are not registered with Galaxkey inviting them to register.  A Corporate Administrator can send Invites that are independent of any secured mail message.

Acceptance: Galaxkey users who receive an email invitation to use the platform must accept the invitation and complete the registration process to set up appropriate credentials before they become Galaxkey registered users.  

Self-Registration: As an alternative to registration on receipt of an email  Invitation from a Galaxkey user or Administrator, users can register using the Galaxkey App on their hand-held devices, via the Galaxkey Add-in for Outlook, Galaxkey for Windows® or the Galaxkey corporate website and Galaxkey Manager.  This option is not available for Corporate Accounts.

Domain: A domain in Galaxkey must correspond to the domain name in a user's email address.  Corporate users can add other domains to the "Default Domain" which is set up for the organisation on registration.

Corporate Account: This is a Galaxkey account for which a company has purchased a licence.

Individual Account: This is a free Galaxkey account only intended for non-corporate users.

Registered User: A user who owns a Galaxkey secure identity and can therefore use Galaxkey Secure services for at least one email ID.

Login Id: This is by default the same as the email address used when the account is first registered but users can create another ID for use with their account.  These additional IDs need not be in the form of email addresses.

Options for Integrated Authentication: Galaxkey supports integration with Active Directory (using LDAP) or Okta. This integration, thus, enables the Single sign-on capabilities for Galaxkey, relieving you of memorising multiple user credentials. Also, when within the secure network or LAN, you can bypass the repeated authentication to access secured mail.  

Galaxkey Manager: This is the integrated web portal which provides a means of managing and operating a Galaxkey account.  There are three main functions: managing Galaxkey identity, configuration of the Galaxkey account and provisioning the Galaxkey Web Access for both secured emails and secured documents.

Password Recovery: At the time of registration, users must select the password recovery option. The default option is to allow Galaxkey to assist in password recovery.  If the option is not selected, users must answer a set of three security questions which will be used during password recovery.

Reset Password: Individual users have the option to reset their password using a "Forgot Password" option.  This option can be configured for Corporate users or the password reset can be restricted to Corporate Administrators.  The Corporate Administrators can also force users to reset their password.   To do this, the user's password key is extracted and secured with a temporary password. This is then emailed to the user who must use it to effect a change to their permanent password.  Administrators can restrict corporate users from resetting their own password in a policy setting.

Password Timeout: This is the configurable time for which user passwords are stored in memory before they must re-authenticate.  This applies across the full range of clients.  The default is 30 minutes. For corporate users, this is configured by the Corporate Administrators.

Corporate Administrator: Corporate Administrators are responsible for the deployment and management of Galaxkey in a corporate environment. Their functions are primarily to manage the Galaxkey Domain, Configuration and user Identities.  They can delegate selected functions to Service Account users.

Galaxkey Active Directory Connector (GADC): This component assists with inviting corporate users to Galaxkey.  This process involves setting up a Galaxkey group and then configuring the GADC to monitor the members of the group.  As users are added they are automatically pushed to the Galaxkey Manager Portal and invitations are sent to the primary email address for each user.

Service Account & Administrative Rights: A Corporate Administrator can delegate a range of administrative functions to other users.  These users will see an additional button in the Galaxkey Manager allowing them to switch function.

Active Identities: These are the secure identities which are currently operative and able to use the email and file sharing functionality of Galaxkey.

Inactive Identities: These are secure identities which are currently unavailable for use.

Revoked Identities: These are the copies of a user's identity for which old private keys have been rendered invalid when new  private keys are created.

Owner: An Owner is any individual or corporate user who sends an email or shares a document via Galaxkey.

Shared User: An individual or corporate users with whom a mail item or document is shared.

Galaxkey Web Access: Galaxkey Web Access (GWA) is the Galaxkey Web client for viewing and sending Galaxkey secured mails.  It can be used by any supported browser across multiple devices.  It functions without a locally installed Galaxkey client.  Emails are sent by and received in any locally installed mail application.  A link is provided in the mail application which enables the user to view incoming mail in decrypted form via the browser.  Emails composed in the browser are transferred to the mail application for transmission.  (Use of GWA is configurable within a corporate environment).

Galaxkey for Windows: This is a Windows desktop application that provides all the Galaxkey encryption functionalities in a single monolithic platform.  It is fully integrated with the Windows Shell  to allow encryption and decryption via a right mouse-click.  It provides secure file sharing with other users, free Cloud storage and the Galaxkey Vault which secures files for the logged-in user.  They may also opt to secure any third party cloud storage services such as Dropbox, Boxed, iCloud, Google Drive or Microsoft One Drive.

Galaxkey File Security: Enables encryption and decryption of files on the user's desktop.  Access to the encrypted files can be restricted to the individual or to a list of specified users.

Galaxkey Vault: The Galaxkey Vault automatically secures files for a user.  The Galaxkey Vault can be configured in any folder to which they have full read and write access (including folders on networks or or third-party storage).  Once it is configured, any file they copy to this folder via File Manager will be encrypted for the default Galaxkey Identity of the logged-in user.  Files can be directly edited in the Vault, but the files will always be stored as Galaxkey Secured Files.  This data is not synchronised with the Cloud.

Galaxkey Add-in For MS Outlook: Galaxkey Add-in is the part of Galaxkey for Windows that seamlessly integrates with MS Outlook to embed Galaxkey functionality.

Notification: When users send an email, they can opt to receive notifications from selected recipients.  These are as follows:  Acknowledged:  sent if a recipient clicks ‘Yes’ on the notification alert in the email;  Rejected:  sent if a recipient clicks ‘No’ on the alert.  Notifications can be viewed in the Galaxkey Manager also.

Valid From/Valid Till: These options are available when users send a secured  email.  In combination, they define a period during which the email can be accessed.  The valid from date is a configurable feature exclusive to Hybrid Users

Geo-fencing: Geo-fencing in Galaxkey physically restricts secured mail to within an organisations' premises.  The recipients of the secured email receive a link to the mail.  Using this link the mail can be accessed via a browser.

Secure email Conversation (thread): Once any email within a conversation or thread is secured using Galaxkey, the system will ensure that all future elements of the conversation are also secure.

Secondary Password: The secondary password is generated by Galaxkey when a user opts to secure an attachment, for the first time.  Users can procure the secondary password from the corporate administrator and share it with their recipients. Alternatively, they can request that the corporate administrator send it to the recipient  in a secured email.

Administrative Access: If the legitimate stakeholders of a mailbox are not available to decrypt  a secured mail item, Galaxkey allows the Corporate Administrator to access the mail subject to proper authentication. The relevant mailbox owner is informed of any such intervention.

Revoke Email: This process allows a user to prevent recipients from reading a secure email after it has been sent.  It is unlike the Outlook "Recall" function because the original email remains in the sender's mailbox.