Most security services today give you virtual private networks that encrypt your connections (if you work for any sizable company, you probably use some kind of VPN client to log in to your intranet). New York-based Dispel, which is now coming out of stealth after more than two years of development, offers all of these features but then layers a number of other security tactics on top of these traditional methods to ensure the security and privacy of its clients.
At the core of Dispel are two different ways of connecting computers to the Internet (with smartphone support coming in the future). The company calls these ‘Invisible Connections‘ and ‘Invisible Computers.’
Invisible Connections are essentially a twist on the typical VPN connections. Once installed, users simply push a single button and their Internet connections are automatically encrypted and routed through Dispel’s network of servers.
As Dispel CEO Ethan Schmertzler tells me, this ensures that a user’s computer will regularly show a different IP address and appear in different parts of the work, for example, which then makes it harder for a hacker to target that specific machine and eavesdrop on a user’s conversation. At that same time, this also makes it significantly harder to track a given user and to infect a machine with targeted malware.
Schmertzler argues that while encryption helps to protect the content that moves between your computer and the Internet servers it connects to, your computer still leaks a lot of metadata. Even when the connection is encrypted, an attacker still sees your — or your corporate network’s — IP address. Dispel tries to obscure all of this data by passing it through various cloud providers and jurisdictions.
The infrastructure for these connections is completely ephemeral. This obviously sounds a bit like Tor — though without some of the major speed bumps that come with using that technology. Unlike Tor, Dispel also bets on disposable infrastructure.
With its Invisible Computers, Dispel also offers a second feature that aims to almost completely shield its users from attackers. These are essentially cloud-based Linux desktops that users can access remotely. They come with Firefox, Chrome and LibreOffice pre-installed and also connect to the Internet over Dispel’s privacy infrastructure. Once a user is done with a given machine, Dispel destroys it.
Schmertzler tells me that the company is only coming out of stealth now, but that it already has a number of corporate users that use it to ensure their intellectual property doesn’t fall into the wrong hands when its employees travel around the world.
The service currently offers three pricing plans. These start at $19/month for 50GB of data transferred through its network and five hours of virtual desktop usage. The second plan costs $79/month for 200GB of data transfer and 20 hours of ‘Invisible Computer’ usage. At the top end, users pay $199/month of half a terabyte of bandwidth and 50 hours of virtual desktop time.
If your CEO needs a bit more support, Dispel also offers a white-glove service and support for getting started with the service.
Schmertzler also noted that the overall technology the company has developed could also be used for securing IoT connections or other distributed networks. For the time being, though, the team seems pretty focused on its current user base and product.