How Our Technology Works

Wondering how our software will work with and within your operation? Get answers to your questions right here.

Go to FAQs

Elpha Secure features
Small business protected by Elpha Secure software suite

Software Highlights

Why should I use this software suite?

Elpha Secure software — or Elphaware — is designed to dramatically improve your security posture once installed on each compatible endpoint in your organization.

Real-time monitoring, alerts, offsite backups, MFA, and more.

Third-party audited by Security Compass Advisory

Integrates with our cyber insurance to reduce your premium

Software Integration

How is the software meant to function?

Depending on your particular needs, Elpha Secure software can: 

Serve as a lightweight EDR (endpoint detection and response) solution

Be configured with some or all active tools in the Elpha Secure software suite

Be used in a read-only passive mode to fit into existing security infrastructure 

Below you’ll find answers to common queries to help you choose, use, and get the most out of our security software. 

Business owner using Elpha Secure Software

Software Details

Technology FAQs

How will the software be installed?

We’ll send your system administrator or company contact point an invite to the Elpha Secure portal as the first step in the onboarding process. Once the administrator activates their account, they can add additional users or administrators who will each download and install the software. 

Alternatively, the admin can access a bulk installer (EXE on Windows OS, PKG with multiple licenses on Mac OS) and push it out to all endpoints through existing endpoint management software.

Will the software interfere with existing software (especially other security suites)?

Elpha Secure software can be configured in “active mode” with all tools enabled, or individual tools can be turned off to convert it into a passive read-only monitoring mechanism. Our software may have to be allowlisted within other security suites, but otherwise they should have no trouble coexisting.

Will the software be compatible with my devices and network?

Our software is compatible with laptops, desktops, and servers running Windows, recent Mac, and Linux operating systems (headless or with a GUI). It does not run on switches or mobile devices at this time. Any unsupported devices may be kept in their original configuration and still meet our insurance requirements.

Will the software update automatically?

Yes. Our software is like a container for multiple security tools, and the container automatically updates itself along with each separate tool.

Can tools or features of the software be disabled?

Yes. Our software provides separate control over each security tool, allowing customization to fit your organization's needs. If your existing security posture already handles certain scenarios, we allow redundant tools to be disabled. Please contact us to determine whether we consider your tooling to be equivalent.

Has the software been validated by a third party?

Yes, we perform regular penetration tests of our software via third parties. Details available upon request.

Will the average user experience workflow changes?

The majority of our software won’t interfere with existing user workflows, with the exception of our remote access tool. This tool introduces firewall rules to block remote access through RDP, VNC, and SSH by default so that users will need to log into the portal to request an unlock.

If you don’t require the added security provided by the remote access feature, the tool can be disabled by administrators.

What data is collected by the software?

When telemetry tools are enabled, our software collects metadata like system audit logs, which processes are running, open and listening ports, and packet flow statistics (including DNS names). This data enables our machine learning models to generate security alerts that are shared with you.

In terms of file content, our backup tool reads selected directories and encrypts files on the device before uploading them. Filenames may be collected and stored separately to enable our backup restore process to supply meaningful names to the user.

Please see our terms of service for more information about data collection.

Where is collected data stored?

Our primary data centers are hosted by Google in the eastern US. Data backups (encrypted on the device) are stored in Backblaze cloud storage in the western US.

How many system resources does the software use?

Our software is written primarily in native code, minimizing its system resource footprint. To prevent excessive disk consumption, logs are periodically rotated and our dependency list is kept small.

Since we carefully restrict memory use by chunking file and network operations, and CPU overhead is minimal, our software can run even on older machines and in constrained environments.

We rate limit all network usage to 100KB/s, and each installation of our software won't exceed this amount.

How does the remote access tool work?

Our remote access tool mediates remote desktop login by creating a firewall rule to block access through RDP, SSH, and VNC. This firewall rule is created directly with operating system utilities and will likely not interfere with existing firewalls and access control.

Does the remote access tool interfere with other MFA systems?

It's unlikely that our remote access tool will interfere with other MFA systems, but users may be required to unlock twice. In this case, since multi-factor authentication is already present, the administrator can disable our remote access tool without impacting insurance coverage.

How does the backup tool work?

The backup tool performs two functions simultaneously: it periodically scans the selected directories in the background, and it watches the directories for changes (any new files will be immediately backed up).

An encryption key is generated on the device when the software is installed; half of the key is emailed to the user, and half is stored on our portal. Both halves are needed for file decryption.

To ensure a stronger defense against ransomware, our system stores multiple versions of each file instead of just the most recent version (which may have been maliciously encrypted during the attack).

What if my organization has sensitive data that shouldn't be backed up?

Our backup system encrypts data on the device before it's sent to the cloud, but we understand that you may still consider some data too sensitive to send. In turn, you can customize the directories to be backed up on each machine.

The administrator can also disable the backup tool, but keep in mind that another backup mechanism would need to be in place to remain compliant with our insurance policy terms.

Can the backup solution be used to image entire machines?

We don't recommend backing up excessively large files like full machine images, because our backup tool is rate limited to 100 KB/s to conserve network resources. In a cloud environment, the provider's own machine image backup solution is likely your best option.

Cyber Protection, Ensured

Insurance fused with security software for a complete defense.

Request a Demo
> Back Button An arrow to close the mobile menu