A1FILO uses Patented Reverse Hypervisor Sandboxing Technology to isolate sensitive data and cryptography keys that are unencrypted in memory, from environments of unprovable trust levels. When the data and keys are unencrypted in memory, they are isolated using a hypervisor, which provides CPU hardware-enforced isolation guarantees. The only time that data can leave the VM-Container is once it is encrypted (outside the control and reach of malware and users) and mathematically protected.

Sophisticated adversaries and malicious insiders can use various techniques to steal data from today’s DLP and IRM systems. Some examples include debuggers, kernel exploits and kernel Rootkits. A1FILO’s hypervisor enforced isolation prevents data breaches regardless of the avenue of attack, while staying seamless to the user and maintaining confidentiality of the data.