Cloud storage everywhere and nowhere
There is no Cloud…
As cloud computing comes of age, we still hear people referring to the popular meme: “…it’s just someone else’s computer”. Many pundits have tried to debunk this as an oversimplification but for organisations starting out on their cloud journey it still holds true. For them, the cloud is just a place for saving files on remote systems owned by someone else. The downstream impact of this can be seen in recent findings reported by Digital Shadows. They detected exposed information in over 60 billion files (including documents, database backups, configuration files and source code) simply by scanning major cloud storage platforms!
Information ≠ Data
The terms information and data are often used interchangeably but they are not the same thing. The information comprises knowledge and understanding that has value and risk. IT systems manage and retain digital data which provides an encoding layer or substrate on which information sits. Data disclosure through storage mismanagement, leakage, or cyber-attack, permits unauthorised decoding of the substrate and, therefore, provides access to the Information it supports.
Encryption, Encryption, Encryption
For many years, the use of encryption to secure data using mathematical functions has been sufficient to obfuscate the data substrate and thus protect the information it conveys. Encryption translates information by using an algorithm to alter data in a way that makes the original information unreadable. Authorised users can decrypt digital data using a key to enable access to the original information. Had the owners of the files (found by Digital Shadows) been aware, they would have taken the time and care to encrypt them. However, either they didn’t know they needed to, or they had been given the impression that the cloud environment was secure and would somehow do it for them.
What about Quantum Computers?
A growing concern is that the advent of quantum computing threatens the viability of current encryption methods. Quantum computers will provide lightning-fast code-breaking capabilities, devouring the complex mathematics underpinning encryption. The development of quantum cryptography which exploits quantum properties, on the other hand, may provide new and unbreakable forms of information security. However, we cannot be sure these new capabilities will come to fruition in the right order, and current methods for securing digital information may be rendered useless long before quantum cryptography is solved.
Enabling Quantum Resistant, Hyper-secure Storage in the Cloud
At Prizsm Technologies, we have developed a computational storage capability that provides a flexible, easy-to-use, solution for quantum-resistant, hyper-secure cloud storage. Our algorithm disrupts data by chopping it up and randomly distributing redundant, complementary shards to locations across multiple cloud platforms, meaning information is stored “everywhere and nowhere”. By disaggregating at bit level Prizsm provides confidentiality, integrity, and availability with security, privacy, and control for all information stored in the cloud.
Change of mindset
Prizsm’s approach to cloud storage is mapped in traditional terms but delivered virtually, meaning organisations can deploy it transparently, without impacting or changing any of their existing processes. It’s a new approach but not a novel one; more a change of mindset about how to deliver outcomes that others are conditioned not to see. By instantiating Prizsm between users and cloud storage platforms, organisations can take back control of their information, and the data that underpins it, benefitting from cheap, elastic services orchestrated in an inherently secure way.
Cloud Enablement
A quick Google search throws up many definitions for “cloud enablement” but none of them warns that cloud isn’t the thing. For us, it’s one of the things that enable the thing. Despite what the cloud service providers would have you believe, there is not a simple mapping between things that people do on-premises and the services offered on “someone else’s computer” in the cloud.
Author:
Adrian Fern from Priszm Technologies
Laura Foster
Laura is techUK’s Associate Director for Technology and Innovation.