Frequently Asked Questions
What is a User?

A User is an individual or Group that has a Role in your CloudDash Entity. Every User has his or her own row in a CloudDash matrix. Users are not applicable in your My VESstorage page.

What is an Entity?

An Entity is a relevant grouping of Apps and User in using the CloudDash page. There are several types of Entities: Company, Team, Department, Client, Family and Individual. For example, the Jones family might create an Entity for their family. A business owner would create Entities for each their companies. An accountant would create an Entity for each client.

Who can create an Entity?

Anyone with a VESvault account can create an Entity, but upon doing so automatically inherits the role of Admin for the Entity. Only Admins can add and delete Apps and Users to an Entity. There can be more than one Admin to an Entity.

What is a Role?

A User in an Entity can have one of four roles: Admin, Manager, User and Audit. Anyone with a designated Role will appear on your CloudDash table for your Entity. Anyone without a Role would appear under the Guest section.

What is the distinction of the four types of Roles?

Every Entity must have at least one Admin. The Admin has complete control over the CloudDash matrix for the Entity. The original Admin can assign any Role to any party in the Entity. Admins have full edit permissions. Managers can edit Users but not Apps. Auditors have read-only access. Users can only edit their personal Lockboxes and connect their 3rd party document storage accounts. Clients do not have any edit rights to the CloudDash Entity.

What is a Guest?

A Guest is a User who does not have a Role in CloudDash for a particular Entity. Roles are shown in the second column of the CloudDash matrix.

Why are there Guests in CloudDash?

To show the individuals and Groups who have access to files and folders in your connected 3rd party drive, but do not have a Role in a CloudDash page.

Why don't Guests have a Role?

When connecting 3rd party document storage Apps, such as Google Drive, Microsoft OneDrive and Dropbox, to your CloudDash Entity, all parties with which you share document access are automatically imported from the storage App. It is up to the Admin of the CloudDash Entity to assign Roles to these persons or leave them as Guests.

Why import Guests?

So that you can see all the fringe parties in your Entity – all the players with which you share documents – while also keeping them separate and distinct from the core people in your Entity, who are identified with Roles. You get to see it all, but in a layout that separates the core from the fringe Users to keep things organized and easier to use.

Is there an example of who should be a Guest?

Yes, the public for one. Some document storage providers allow public access to documents. When imported into CloudDash, a group called Public is created and is treated as a Guest. Other examples may be vendors and customers to which a small number of documents are being shared.

What is VES?

VES is an acronym for Viral Encrypted Security, a patent pending exclusive technology that employs state of the art encryption in combination with a User defined virally connected network of Friends to virtually eliminate the possibility of losing data in the event the encryption key is lost. With VES, your pre-selected Friends can easily assist you in the full recovery of the lost data. The beauty of VES is that viral network extends beyond your directly connected Friends to include all the Friends of Friends, and so on so that the probability of losing your data rapidly approaches zero percent.

What is My VESstorage?

VESstorage is the consolidated page of all your connected storage services, both 3rd party and Lockbox. It is a file-based view while the CloudDash tool is a user-based view. Currently Google Drive, Microsoft OneDrive, Dropbox and CloudDash Lockbox are supported by VESvault and can be viewed in both CloudDash and My VESstorage.

What functionality is there in My VESstorage and CloudDash?

The primary purpose of VESstorage is to manage your VES encrypted files, regardless of where they are stored. CloudDash also does this but from the perspective of the Users who have access to your files. You can view, download, encrypt, update, delete, rename, move in VESvault and have the action translate to your 3rd party storage. You can also launch the 3rd party storage service to view the file.

Is VESvault a cloud storage service?

Not really. VESvault has been designed to work in conjunction with 3rd party document storage providers to enable Users to store and retrieve encrypted files on their accounts with these providers. As such, your encrypted files are stored with your storage provider. The one exception to this is Lockbox, which sacrifices some functionality for additional security for those isolated situations when the trade-off is justifiable.

What is encryption?

Encryption is a process of scrambling the contents of a file so that it is both unreadable and too difficult to unscramble. Think of a jigsaw puzzle in many trillions upon trillions of pieces – more pieces than there are atoms in the Galaxy. You could essentially give the encrypted file to anyone and they’d never be able to put it into readable form.

Why use encryption?

Encryption is, by far, the safest way to store electronic information. Nothing else even comes close. It’s how the US Government stores its secret information. It’s how Hillary Clinton and John Podesta did NOT store their emails, and hence why they were at risk to espionage and Hacking.

How and when do I know encryption and decryption are working in VESvault?

Multiple ways: 1) our spinning vortex animation tells you something is being encrypted or decrypted. The vortex spins inward when a file is being encrypted and stored in the cloud. When an item is being opened and decrypted, the vortex spins outward, in the reverse; 2) the “.VES” file suffix on the filename in your 3rd Party Storage Service and in VESvault; 3) the VESvault or CloudDash thumbnail for each encrypted file in your 3rd Party Storage; 4) the vault door icon in front of the filename in VESvault and 3rd Party Storage Services, and 5) if you copy the file to a text editor to open it, you will see nothing but random characters.

Can anyone read the encrypted files stored on 3rd party providers?

No, but it is possible they can have access to them if you’ve granted them access. While they couldn’t open and read them, they could potentially delete or damage the files so you should take care to whom you grant access.

Can anyone in VESvault or the 3rd party provider read my files?

No! That’s the beauty of encryption, and particularly the beauty of VES encryption! Only
you
possess the key and only you can decrypt the files. You can grant access to other users, through the CloudDash page, to enable them to read your encrypted files.

Are there different types or levels of encryption?

VESvault uses publicly available algorithms that meet industry security standards as providing the highest level of encryption (e.g., 256–bit AES and 2048–bit RSA) that cannot be broken (brute force decrypted) with today’s level of computer processing power.

What is Lockbox?

Lockbox is specialty storage solution specifically matched to your CloudDash matrix. It is meant to be used when you have specific information, such as a password, a photo of a driver’s license, etc, that specifically applies to an individual cell in your CloudDash matrix (the intersection of a User and App). There is one Lockbox per cell and it is owned by the associated User and only the associated User.

What can be stored in a Lockbox?

There are three types of Items that can be stored in a Lockbox: passwords, notes and any type of upload-able files. There is no practical limit on the number of each that can be stored.

Why use Lockbox and not a 3rd party storage app?

Lockbox is meant to complement 3rd party storage providers and not replace them. It has some benefits that are achieved with some tradeoffs. The benefits include: each Lockbox is owned by only one person and only that owner can add, delete or edit Items in the Lockbox; each Lockbox is specific to an App/User combination giving it a level of organization that is harder to achieve in 3rd party solutions; only encrypted Items can be stored in Lockbox to give the User the assurance that if it is in Lockbox, it is encrypted. These benefits provide the User with an extra level of security at the expense of flexibility associated with 3rd party services.

Why have multiple Lockboxes?

Lockboxes allow you to organize and compartmentalize your information relevant to each App/Item, which is the overall theme of the CloudDash page. You can also selectively share individual Lockboxes with other users in your Entity without giving them access to other Lockboxes. For instance, Lockbox is a great place to store passwords for the App, as both a backup to you and as a means to share with other users if need be.

How does Lockbox sharing work?

When in your particular Lockbox, you select the available Users in the particular CloudDash Entity.

Can people with whom I’ve shared a Lockbox, edit it?

No. They cannot edit, add or delete any items in your Lockbox.

How do I share and un-share a Lockbox?

Simply click on the Lockbox icon for your App (the keyhole icon in the lower right corner of any cell in your CloudDash matrix which appears upon mousing over the location), enter your VESkey, select and deselect from the list of available Users and Save. VESvault will automatically send out alerting emails to the new Users that they have been granted access to your Lockbox.

How do I know who has access to my Lockbox?

The skeleton key icon in the CloudDash matrix indicates which Users have access to your Lockbox for a particular App/Item. You can always see all access granted to all Lockboxes on your Clouddash matrix without having to go into individual Lockboxes.

What is VESrecovery?

Our patent pending Viral Encrypted Security (VES) process allows you to use encryption without fear of losing your encrypted data in the event you lose your encryption key. Keep in mind, that without an encryption key, you can never recover encrypted data. With VES you have the safety of being able to recover your encrypted data
even
if you lose your keykey but without giving anyone access to the key or your data. VES takes the risk out of using encryption and makes it easy, fast and safe for mainstream use.

How does VES work?

By pre-selecting a network of Friends you are essentially storing a scrambled copy of your backup VESkey in their respective VESvaults (and hence also encrypted under each of the Friend’s encryption keys). When you check the “I lost my Key” box VESvault automatically sends email notifications to your pre-selected Friends, requesting their assistance. After entering their own VESkey (hopefully only after voice verifying that you actually made the request) they then click “Assist” and you get your VESvault contents back.

What if my Friends also lose their VESkeys?

The beauty of VES is that it’s viral. As long as your Friends also selected their owns Friends, and so on, it only takes one person (for single person VESrecovery – see Distributed VESrecovery for multi-person recovery) to remember their VESkey for you to get yours back. Think of it as a village of people with lit torches. As long as one torch is lit, all the others can go out and the single lit torch can be used to relight your torch.

So, there’s still a chance that VES won’t work?
It doesn’t take much of a connected network of Friends (how many Friends do you have on Facebook?) before the odds of not being able to Recover your data get ridiculously small, regardless of the probability that any one person loses their key. Go to our page for our interactive tool so show you the odds of losing your data.
Is VESrecovery a backdoor to getting past encryption?

No. When using Distributed Recovery, it would be harder for your Friends, or anyone else, to use the Recovery VESkey Tokens you shared with them to gain access to your data than it would be to brute force decrypt the data itself. In terms of unscrambling the shared Recovery VESkey Tokens, sharing with as many Friends as you like is essentially as safe as sharing with none at all. Using Distributed Recovery adds another level of security on top of this, but should be employed with a sufficient amount of Friends to ensure the odds of recovery remain high.

How is sharing my Recovery VESkey so safe?

For multiple reasons. First, your Friends are never in possession of the VESkey Token. Rather, the system stores a copy of the Token under their VESvault, using their encryption key to encrypt it and keep it safe. When they assist you, the system uses their VESkey to decrypt the Token and then immediately re-encrypts it using your new VESkey for you to retrieve the next time you open your VESvault. Second, if you use Distributed Recovery, each Token is scrambled to the point that even if your Friends could come in possession of it, it would be as hard to unscramble as it would be to brute force decrypt your data. Third, even if they could decrypt your Token to create the actual Shadow VESkey, there is no interface to use it. Shadow VESkeys are not the same as the Primary VESkeys and can only decrypt data to which there is no public means of access. Your Friends would then need to Hack the system to gain access to all the encrypted files.

Can I continue to use VESvault while my key is lost?

Yes. You simply create a new VESkey and start from scratch by depositing new items.

Will I lose the old data if I use a new VESkey prior to VESrecovery?

No. You never lose your data. You just lose access to it until you either find the lost VESkey or your Friends assist you in Recovery. Every time you create a new VESkey, be sure to share it with Friends. Friends can only help you Recover data that has been deposited to your VESvault for your working VESkey. They cannot help you recover items deposited with the previously lost VESkey, unless they were selected as a Friend for that Key as well.

Can I have multiple VESrecovery Processes happening simultaneously?

Yes. That happens when you’ve lost a VESkey, created another and lost the second VESkey before you recovered the items from your first VESkey. Don’t worry, nothing is lost and the Friends you selected for each key can assist you in VESrecovery for the lost VESkey with which they are associated.

What is Distributed VESrecovery?

When you select your Friends for VESrecovery, you also select the number of Friends who need to assist you before you can Recover your lost key. When you specify that at least 2 Friends are needed for VES Distributed Recovery, the system scrambles the key so that to descramble the Tokens to recreate the key, you would need Tokens from the number of Friends you selected.

How does Distributed VESrecovery work?

It’s linear algebra, which requires at least as many independent equations as there are variables to solve. If you chose that
X
responses for Distributed VESrecovery are required to unscramble the Token out of the total
N
Friends you've selected, then the algorithm uses
X
variables to scramble the key for a set of
N
independent equations. These
N
scrambled equations are sent out to each of your
N
Friends, of which
X
of those Friends must assist you for VESrecovery. All you need to know is that any
X
of the
N
Friends you selected can assist you for successful VESrecovery.

Is Distributed VESrecovery really safe?

Yes. We use the same number of bits (256) that are used in the encryption process. That means it would take the same general computing power to unscramble the key using brute force as it would to use brute force to decrypt an encrypted file, whether you select 2 Friends for Distributed Recovery or higher. So, having two Friends as opposed to twenty for Distributed VESrecovery doesn’t make it any easier to unscramble any Token shared with any single Friend.

If that’s true, why select a number higher than 2 for Distributed Recovery?

The more Friends you select, the less chance that at least one of them won’t voice verify with you before Assisting you in Recovery, and thus reduce the possibility of Social Hacking.

Does increasing the number of Friends needed for me to recover my VESvault affect the odds of not being able to recover it?
Yes and No. The higher the number you choose as being required for VESrecovery, the higher the chance that you won’t recover your VESvault for any one level of Friends. But, on a practical note, with enough levels the odds of no Recovery still approach zero, and that includes exaggerated levels of probability of losing a key. See for yourself with our interactive tool.
What if I don’t have enough Friends initially or I’m not 100% comfortable relying on a viral network of Friends?

We created the “VESvault Friend” just for these purposes. VESvault Friend always comes up as the first selection in your list so it is easy to find and select. We keep a physical version of the VESkey for the CloudDash Friend account in multiple locked locations. Should you need assistance, you can rely on our staff to assist you. However, we strongly recommend that you wean yourself off using CloudDash Friend as a Friend because we can’t voice verify and we would prefer not to encourage the use of this service. It’s really meant only to get you comfortable that everything works.

Why voice verify?

To protect against the remote possibility that a Hacker, who has accessed a person’s VESvault account – by either acquiring their password or acquiring their computer with the browser having an open VESvault session – from gaining access to the person’s encrypted contents through the VESrecovery process. Although such a Hacker does not have direct access to the person’s existing VESvault contents, if they select “I have lost my VESkey” to initiate the VESrecovery process and create a new VESkey, Friends would give the Hacker access to the encrypted data by “Assisting” them in VESrecovery and re-sharing the old contents with the new VESkey. By voice verifying, you are eliminating this possibility and are protecting your Friends.

Is that why my VESkey should be different from my password?

YES! You should NEVER use your account password as your VESkey because it completely negates the whole purpose of encryption. Also, you should use Strong choices for BOTH your password and your VESkey, but especially for your VESkey. If you don’t know what Strong methodology is, Google it.

What is the probability that any single person loses their VESkey within a timeframe?
We don’t have an exact average number, yet. But, in using the interactive tool, the probability to enter is not the probability that a person will lose their VESkey in their lifetime. Rather it is the probability they will lose it between the average amount of time they use it to open their VESvault. If, on average, a person uses their VESkey every day then the probability selected should reflect losing the key in a 24 hour period. We suggest starting with a one week timeframe to be safe and a really high probability of losing the VESkey within that one week, 30%, also to be safe. Even with a high probability, with enough Friends, the risk of no VESrecovery eventually approaches zero percent – you can verify this yourself on .
What should I put as the number of Friends needed to assist to enable VESrecovery?

There is a big benefit in going from 1 Friend to 2, but mathematically there isn’t any real need to go beyond 2. The only benefit of going higher than 2 would be to reduce Social Hacking. As a rule we suggest you have 5 times as many Friends as the number of Friends your require for Assistance in Recovery.

What is Social Hacking?

Social Hacking is when two or more top Hackers work together to break into your VESvault. For instance, one Hacker would steal your password and break into your account. Since this Hacker doesn’t have your VESkey he could not break into your VESvault, so he might initiate VESrecovery to gain access to it. The second Hacker would also need to be one of your selected Friends and would assist the first Hacker with the Recovery and thereby gain access to your VESvault. We know, the probability of this is astronomically low, but since VESvault is all about security, we wanted to have an answer for this remote possibility. Social Hacking is why you should always voice verify before assisting a Friend in Recovery.

What is a googol?

A googol is the super large number 10100, which is 1 with 100 zeros following it. That is more than billions of billions times larger than the number of atoms in the observable Universe, which is about 1080. Rest assured, if the odds of not recovering your VESkey are less than 1 in a googol, you're in the clear.

What is the "Monthly Traffic" limit for VESvault?

It is the aggregate amount of MBs that you encrypt or decrypt during the month. We add files at their actual size, with a 1 megabyte minimum threshold for every file. So files that are smaller than 1 megabyte will be counted as 1 megabyte, but a 1.8 megabyte file will be counted as a 1.8 megabytes. The total sum of all files that you encrypt/decrypt within the span of a month is your Monthly Traffic.

What if I exceed my "Monthly Traffic" limit for VESvault?

You can’t. If you reach the Monthly Traffic limit for your plan, you will not be able to encrypt or decrypt any more files in VESvault until the end of the month. Or, you can upgrade your Subscription to a higher limit Plan.

What is the "Number of Cells" limit for CloudDash?

In CloudDash matrix, each intersection of a User (row) and App (column) for each Entity is a Cell. Add the total number of cells for all of your Entities, to get your number of cells. If your CloudDash reaches the maximum number of cells for your Subscription Plan, you will need to upgrade your Plan in order to add more cells to any of your CloudDash matricies.

What is the "Storage Used" limit for Lockbox?

The total size of all the files stored in your Lockboxes must stay within the maximum size allowed by your Subscription Plan. You will not be able to upload files that bring up the total size past your limit unless you upgrade your Subscription Plan. If you have a Premium Plan and you go above the maximum value (6Gb), you will need to pay $1 for every gigabyte beyond the 6Gb limit.

Can I cancel my subscription at anytime?

Yes. To do so, select the Free plan in the Subscription popup. After you do that, your current plan will expire at the end of the term that you have already paid for, following which you will be automatically switched to the Free plan.

How do unused credits work?

If you purchased a plan and switched to a different plan before the end of the time period that you paid for, you do not lose your unused money. Instead, this money becomes your unused credits and helps you pay for the plan that you switch to. If you switch to a Free plan, then you will stay with the current plan until the end of the time period that you paid for, and then you will be switched to the Free plan.

What is the "Send Message" pop up?

When you share a file with a person, you can also send an end to end encrypted message to them. Right now we use Signal and later we will add other services.

How does it work?

The Signal encryption engine on your device is used to encrypt the message locally. Once encrypted it is sent to our server where the group message is created and then passed to the Signal server, where it is then sent to both the sender’s and receiver’s Signal accounts.

Will the message sent through VESvault be the same as the message sent through Signal to my phone?

The only difference is that a message sent using VESvault will show up on both the sender’s and receiver’s signal apps as a group message between the two parties. This will be a second and different message chain than the regular Signal message chain.

Does VESvault save any information at all regarding the message?

No. We do not save the encrypted message nor do we save any metadata records that a message was ever sent.

Is VES encryption used to encrypt the message?

No. The message itself is encrypted using Signal’s encryption protocols.

Can I send a message to a person who doesn't have a Signal account?

No, in order to send a message both parties need to have Signal accounts.

Will the Signal account show up automatically?

Maybe. If the person's Signal account information is already associated with their VESvault account, it will be automatically available when you opt to send a message to that user. If not, you can add the user's Signal phone number yourself.

What is the format I should use to enter a phone number?

Signal uses international phone number format, so that is what you should use. First input the + sign, then your country's calling code, then the phone number. For example, the US calling code is "1", so the US number 555-222-2222 will look like this: +1-555-222-2222. It's up to you whether to include the dashes and the plus sign, it will work right either way (so 15552222222 is OK too).

Can people always see my number?

We don't want people to use our messaging pop up as a reverse directory search to obtain users' phone numbers. As a precaution against this, only the last 2 digits of a user's associated Signal phone number will be visible to other users.