Small & Medium Business

Why businesses need endpoint protection

Only 1 in 4 Small Businesses are Well Prepared for Cyber Attack

Criminals are constantly developing new ways to attack networks, take advantage of employee trust, and steal data. Smaller businesses may think they’re not a target, but that couldn’t be further from the truth. In fact, small businesses with 100 employees or fewer now face the same risk of attack as a 20,000-employee enterprise.

No matter their size, businesses need reliable endpoint security that can stop modern attacks. And since most companies are subject to some form of compliance and privacy regulations, protection for endpoints is 100% necessary to help businesses avoid hefty fines and damage to their reputation due to a security breach.

Small and Medium Businesses

According to the Small Business Administration, the 30 million small businesses operating in the United States employ nearly half of the total workforce. A recent Ponemon study found that nearly 70% of all small businesses experienced a cyberattack in 2017, while half admitted to having no understanding of how to protect their company against an attack.

Unfortunately, these same small businesses have begun to fall victim to cyberattacks at an alarming rate. This reality is putting the entire economy at risk. As large companies spend endless amounts of time and money to fortify their digital assets, cybercriminals, hackers and fraudsters have turned their attention to those that cannot afford such lofty and impenetrable defenses: small and mid-sized businesses.

And that’s a big problem when considering the average recovery costs of a data breach for a small company can top $149,000. Most worrisome, however, is that 60% of all small companies that succumb to a cyberattack go out of business within six months, according to a report by the U.S. National Cyber Security Alliance.

Cyber Attacks Cost Small Businesses

Worsening Cybersecurity Threat

According to the Continuum Survey completed in 1st qtr 2019, Cyber-attacks cost small businesses in the survey $53,987 on average. Large organizations lost more money. Companies with 10-49 employees lost $41,269 and those with 50-249 employees were in the hole for $48,686. Those with 250-1,000 employees ended up losing $64,085 per incident.

The cyber threat landscape is getting worse. The good news is small businesses are more aware of this fact, but not everyone is. In the survey, more than 6 in 10 or 62% of the organization don’t have an in-house expert to properly deal with security issues. Only 41% currently have cybersecurity experts in-house.

Cybersecurity remains one of the most challenging issues for small business owners. And the problem leads small business owners to seek out managed service providers to present them with solutions.

Enter EndpointLock and KTLS

Keystroke Transport Layer Security (“KTLS”) is a patented cryptographic protocol that provides for the encryption and transport of keystrokes, at the kernel level. It activates at the time of secure boot, or entry into any application or web browser. This proprietary technology is unique to CromTec Cyber Solutions.

KTLS can be utilized in both desktop and mobile environments as a critical component of endpoint security. The protocol provides strong cryptography at the time of keystroke entry, to protect the initial transmission of usernames and subsequent keystrokes entered in to any program or application.

EndpointLock is the commercial product name by which KTLS is implemented within an enterprise.

What Are Keyloggers?

  • Keyloggers can record every keystroke made on a mobile device or desktop
  • Keyloggers are the single biggest threat leveraged in the first stages of almost all advanced threats
  • Today’s anti-virus solutions are unable to identify and stop keylogging
  • 98% of enterprise breaches include a phishing attack to install a keylogger
  • Keyloggers can change form and go undetected for months or years

How Keyloggers Hurt Businesses?

Keyloggers can steal your:

  • Privacy
  • Usernames and passwords
  • Personal identity
  • Credit card numbers
  • Proprietary corporate data
  • Email accounts
  • Corporate transactions
  • Banking data

Up until now, organizations have lacked the ability to fully protect their endpoints from a zero-day keylogger. Most keyloggers have the ability to change their form and go undetected as they quickly spread between the endpoints in your enterprise.

How do you fight back? With EndpointLock: Patented keystroke encryption for desktops and mobile devices.

EndpointLock™ Key Features:

Continuous Protection

  • The only solution that protects against zero-day keyloggers.

  • Operates as an anti-subversive, detects untrusted drivers and displays a warning containing the name of any suspicious driver.

  • Automatically installs to your TPM (Trusted Platform Module) if available.

Visual Alerts

  • Anti-Screen Scraping blocks screen capture.

  • Anti-Clickjacking Warning visually alerts you with a red dotted outline of untrusted areas.

  • CryptoColor: Visual confirmation highlights verifies the text fields are safe to type into.


  • Can be installed in an enterprise and deployed via group policy.

  • Compatible with McAfee ePolicy Orchestrator

  • Can encrypt double-byte characters

  • Can encrypt all international keyboards

  • Works with PS2, USB, Wireless & Bluetooth keyboards


  • Built here in the USA, and more than 8 Million consumers and corporations have already downloaded our technology.

  • McAfee ePO (ePolicy Orchestrator) Compatible

EndpointLock™ for iOS and Android Devices

  • Supports: Apple iPhones & iPads, Android Phones & Tablets.


  • Encrypts all user keystrokes
  • Creates a secure keyboard with your branding
  • Supports all iOS and Android mobile devices
  • Supports all 5G iOS and Android IOT devices
  • Routes encrypted data around the vulnerability
  • Protects against infected apps and phishing emails/messages

An estimated 16 million mobile devices are infected with mobile malware, with threats constantly on the rise. Traditional keystroke data flows from your mobile keyboard through your operating system before it appears in your apps. Hidden along the way are areas of vulnerability where cyber criminals can plant keylogging spyware. With (BYOD) Bring your own device and mobile cyber attacks both increasing, enterprises must address security with tools to thwart the massive vulnerabilities that exist when using infected apps and phishing emails and messages, which download keylogging spyware.

EndpointLock™ for Mobile protects your keystroke data by installing a secure encrypted keyboard that creates an alternate pathway to your apps, routing your encrypted data around the areas of vulnerability. For added security, the EndpointLock™ pathway is protected by a complex 256-bit encryption code

EndpointLock™ Mobile SDK (Software Developer’s Kit)

Secure your Desktop and/or Mobile Apps

Get keystroke encryption embedded right into your desktop and mobile app. Users will feel confident as they provision and use the app and add their credentials including typing in their credit card numbers.

EndpointLock for Desktop Other Security Features

TPM (Trusted Platform Module) Support:

EndpointLock will automatically detect if a PC has an Intel TMP (Trusted Platform Module) chip, which is designed to secure hardware and software integrity by integrating cryptographic keys into devices, and will install directly to the TPM on the PC.

Kernel Compromise Warning Feature:

Warns the user of a kernel breach by detecting the presence any unsigned software or if a driver has been altered since it was released. EndpointLock indicator will turn yellow to indicate warning and log details of the breach including identity of the breached computer and its file location within that system.

Self-Monitoring Capability

Anti-subversion technology prevents EndpointLock from being
by-passed by other software by reinstalling itself in the first position in the kernel level.

Anti-Screen Scraping Feature

Hides the screen from screen loggers and sends them a black screen.

Anti-Clickjacking Feature:

Makes the invisible, visible. Hackers can embed invisible objects into
iFrames, EndpointLock can detect this type of attack and unhide the invisible object, and paint a border around the object, alerting the user not to click on this object.

How EndpointLock™ and KTLS Work

EndpointLock proactively stops keyloggers by encrypting each keystroke at the point of data entry, and rerouting the encrypted keystrokes directly to the browser or desktop application.

With EndpointLock, instead of capturing your actual data, keyloggers see only a random string of meaningless numbers.

EndpointLock is designed as a secure keyboard, available whenever a browser or desktop application is launched. This keyboard can be branded with your logo and hyperlink.

KTLS uses the AES encryption with a key size of 256 bits to encrypt keystrokes. The same key is used to encrypt and decrypt.

The KTLS protocol secures connections between the keystroke and applications:

  • Symmetric cryptography encrypts the transmitted data to ensure privacy
  • The keys for this symmetric encryption are generated uniquely for each connection
  • The encryption is based on a shared secret generated from the Trusted Platform Module, or else by a built-in Random Number Generator
  • Keyloggers can’t obtain the negotiated secret, even if they place themselves in the middle of the connection
  • No attacker can modify the keystroke transmission during the negotiation without detection, which generates kernel-layer alerts
  • The encrypted session key is stored in secure memory, shared by all KTLS system components
  • KTLS proactively reroutes the encrypted keystrokes directly to the browser or desktop application

Trending for Business: BYOD

Bring Your Own Device

  • 80% of businesses support a BYOD policy
  • 60% of workers use a smartphone for business purposes
  • BYOD market: $30 billion in 2014  à  $367 billion by 2022
  • Companies encouraging BYOD save $350 per year, per employee

67% of business data breaches are due to employee mobile device use

*Source: Forbes, January 2019

EndpointLock Features:

  • A toolbar turns on automatically when browser or application is launched
  • Advanced, 256-bit encryption
  • Early-warning kernel and ID theft monitoring
  • User-friendly, comprehensive reporting dashboard
  • Screen-capture protection
  • Clickjacking protection
  • Protection against Dark Web email attacks*
  • ID theft protection insurance*
  • Crypto-color visual verification technology

*Add-on, enhanced services, for licensed EndpointLock solutions

EndpointLock Benefits:

  • Enterprise-grade
  • Certified by Windows, Mac, Linux, Android and iOS operating systems
  • Supports keyboard-enabled iOS and Android 5G IOT devices
  • Deployed directly into Layer 0, within the kernel itself
  • Encryption and decryption occur directly within the application, without any modification to the app required
  • Compatible with Intel’s TPM (Trusted Platform Module)
  • Easily scalable: deployed through MS GPO, PowerShell, SCCM and 3rd-party apps
  • Works with PS2, USB, wireless, Bluetooth and international keyboards
  • Small memory footprint
  • Requires no spyware database updates

EndpointLock is CromTec Cyber’s unique flagship product, and is a crucial component of a comprehensive Managed Endpoint Security strategy, which we can craft for your business.




  • Identity
  • Passwords
  • Online purchases
  • Credit cards
  • Banking data
  • Health data
  • Email and texts


  • Logins and passwords
  • Employee keystrokes
  • Enterprise risk
  • Corporate IP
  • Transactions
  • Financial data
  • HR data

CEMS – CromTec Endpoint Managed Security

The CEMS Product Suite:

Establish a layered security strategy, with a customized program:

  • Assess your risk and threat vulnerabilities
  • Manage your endpoints
  • Detect and respond to threats
  • Provide back-up and disaster recovery solutions
  • Implement effective policies
  • Monitor your cyber health status