You can now cancel your Virtru subscription from the Profile tab of your Virtru Dashboard. Before you do, there are a few things you should know:
By cancelling, you’ll be downgraded to the free version of Virtru. This means you’ll lose the ability to revoke messages, disable forwarding, and set an expiration date for emails you send. You’ll also lose your ability to manage the Virtru-encrypted emails you and your team have sent in the past.
You will, however, still be able to read secure messages that you’ve sent and received and continue to send secure email.
Note: If you’re a G Suite (formerly known as Google Apps) Admin who has added Virtru to your G Suite Marketplace, the above does not apply. Please contact email@example.com if you’d like to cancel your account.
Encrypted Search does not weaken the strength of Virtru’s symmetric encryption or give Virtru access to unencrypted content. It is an extra step added on top of the AES-256 symmetric encryption used to encrypt the message as a whole.
At a high level, the output of Virtru’s Encrypted Search has stronger security properties than Tokenization, so, if Tokenization is appropriate for use in your context, then Virtru’s Encrypted Search likely is, too. However, like tokenization, enabling Encrypted Search may allow a third party to infer relationships between messages.
For setup of up searchable content, Virtru will authorize only specific users to obtain search keys. These are keys that enable your users to both create and search content. Loss of these keys must be protected against, as loss of these keys may result in other users interrogating encrypted content determining whether an encrypted object is likely to contain a particular keyword. This process would NOT reveal the word’s position in the content, and it is NOT guaranteed that the word actually appears, since the algorithm has a built-in false positive to mitigate this kind of attack.
On query, cloud providers or other adversaries may associate each search token to all documents that match the token. Whenever a user searches for the same keywords, an adversary can infer the frequency of the search. When searching for both plaintext and encrypted content in the same session, it can imply an association between the encrypted tokens and the plaintext words.