Data Security technologies that will help secure your Information for the future: The base line problem is that most of the security technologies aim at keeping the attacker out, and once that fail,
the defenses have also failed, says Adam Ghetti, founder and chief technology officer of IONIC Security, a provider of encryption.
"The last 20 years, vendors and enterprises have focused on infrastructure security models, but attackers are getting past all these infrastructure barriers or they are starting from the inside," he maintained. Protecting infrastructure alone is not good for data security.
Luckily, there are new technologies that are in the pipeline. Discussed below are three possibilities that could prove important in securing our data for the future.
This computer chip is the result of an effort by the Pentagon's Defense Advanced Research Projects Agency (DARPA) to create a disappearing electronics platform which could be used on the battle field and there after destroyed remotely to prevent capture. The chip is part of PARC's Disintegration Upon Stress-Release Trigger (DUST) technology that fabricates electronics on a thin layer of silicon bonded to a specially tempered piece of glass. Because of a quick cooling process, the glass material contains a great deal of stress.
According to Sean Garners’, PARC researcher and principal investigator on the DUST project, 2014 statement, “imagine being able to cover a large area, like the ocean floor, with billions of tiny sensors to hear what is happening within the earth's crust, and have them quickly disintegrate into, essentially, sand, leaving no trace and not harming the planet or sea life”.
Deceptive network technology aims to confuse their search for valuable data, while at the same time alerting the business to the fact that they have unwanted guests on their system. Typically, the technology either seeds existing systems with booby-trapped files or creates extra network devices e.g. faux systems and servers, which an attacker might try to hack. This deception does not only waste the attackers' time, but any access to a fake system or file alerts the business that an attack is likely to take place.
So within two or three moves, the attackers will find this false information, and when they attempt to use it, they will trigger an alert, as noted by David Hunt, vice president of marketing at one Israeli startup, illusive networks, which focuses on the technology.
There is another startup called Shadow Networks that uses software-defined networks and virtual systems to create their own computer ghost towns designed to trap attackers.
Though this concept is not new, but it has been refined and made much easier to use. In many ways, the technology resembles a honeypot i.e. a virtual machine camouflaged as a valuable system to entice attackers to attempt to compromise the machine. There is also a honeynet, which is a network of such virtual machines. Instead of spoofing single systems, deceptive networks interweave their sensors throughout a company's network to leave the attackers guessing.
The aforementioned knowledge has shifted many companies from focusing on keeping the attacker out of their networks to focusing on protecting not the systems or the network, but the data. However, encryption, the most common way to protect data, is a hard infrastructure to manage. So, businesses need to identify their most valuable data, encrypt it, and then manage the keys to protect access to the information.
One Data-security firm IONIC, however, takes a different approach to the problem. The first step is to encrypt all the data, everywhere. Once the data is encrypted, then the problem becomes an access-control issue, says CTO Ghetti.
Encryption is easy to manage; what is hard to manage is decryption, Ghetti continued. Assuming you can use certain attributes to control decryption, you can create a platform that is all about data-access control he stated further.
IONIC started few years ago, by attempting to create a platform to retroactively add privacy to social media sites. Ghetti created a system that would encrypt all of a user's posts on a social network, like say, Facebook, and then let the user control who could access groups of posts.
Thereafter, IONIC shifted its focus to helping businesses encrypt their data. By encrypting information at the lowest levels, reading and writing to files or the disk, and then distributing the keys and access controls, the company aims to make a reliable system for decrypting the information. Companies retain control of who can decrypt data, under what circumstances, and what they can do with the data.
"Our favorite demo is we literally hack a system, copy the data, and give it to the client to look at," Ghetti says. "But outside the environment, the data is all encrypted. Even though it was stolen, from an authorized system, while the user has rights, they still cannot get access."
Other related labels for Data Security technologies includes:
the defenses have also failed, says Adam Ghetti, founder and chief technology officer of IONIC Security, a provider of encryption.
"The last 20 years, vendors and enterprises have focused on infrastructure security models, but attackers are getting past all these infrastructure barriers or they are starting from the inside," he maintained. Protecting infrastructure alone is not good for data security.
Read: How to secure your Android phone | mobile device security
In the face of a workforce largely uneducated about security and a shortfall in skilled security professionals, better technology is not just a boom but a requirement. "We are definitely getting better, there is no doubt about it," says Kevin Bocek, vice president of threat intelligence and security strategy at security firm Venafi. "But there may be 100 bad guys to every security professional, and that means that it is a constant battle."Luckily, there are new technologies that are in the pipeline. Discussed below are three possibilities that could prove important in securing our data for the future.
Turn Computer Chips to DUST | Data Security technologies
For some years now, researchers at PARC have worked on creating a computer chip that could destroy itself on command. While it sounds like something impossible, this chip could become the basis for ensuring privacy and the security of relevant data on any number of devices.This computer chip is the result of an effort by the Pentagon's Defense Advanced Research Projects Agency (DARPA) to create a disappearing electronics platform which could be used on the battle field and there after destroyed remotely to prevent capture. The chip is part of PARC's Disintegration Upon Stress-Release Trigger (DUST) technology that fabricates electronics on a thin layer of silicon bonded to a specially tempered piece of glass. Because of a quick cooling process, the glass material contains a great deal of stress.
See also: How to Set Folder Security for Shared Folders
The computer chip functions normally until a small part is heated by triggering an electronic component at the base station. According to Greg Whiting, a senior scientist with the electronic materials and devices laboratory at PARC, the heat causes a chain reaction that results in the glass substrate cracking with dramatic force.According to Sean Garners’, PARC researcher and principal investigator on the DUST project, 2014 statement, “imagine being able to cover a large area, like the ocean floor, with billions of tiny sensors to hear what is happening within the earth's crust, and have them quickly disintegrate into, essentially, sand, leaving no trace and not harming the planet or sea life”.
Read: Security startup exploit blocking' program
Having just built a simple prototype, PARC has continued to investigate different materials. For now, the researchers bond a thin layer of silicon on top of the tempered glass, but if the stresses required to destroy the substance could be created inside the actual substrate, using materials such as gallium arsenide, then they could simplify the project.Create Imaginary Zoos to Trap the Bad Guys | Data Security technologies
Once attackers gain a beach head on a victim's networks, they may have different goals, but their number one objective is almost always the same, namely; Collect data on the network to find other computers that can be infiltrated.Deceptive network technology aims to confuse their search for valuable data, while at the same time alerting the business to the fact that they have unwanted guests on their system. Typically, the technology either seeds existing systems with booby-trapped files or creates extra network devices e.g. faux systems and servers, which an attacker might try to hack. This deception does not only waste the attackers' time, but any access to a fake system or file alerts the business that an attack is likely to take place.
So within two or three moves, the attackers will find this false information, and when they attempt to use it, they will trigger an alert, as noted by David Hunt, vice president of marketing at one Israeli startup, illusive networks, which focuses on the technology.
There is another startup called Shadow Networks that uses software-defined networks and virtual systems to create their own computer ghost towns designed to trap attackers.
Though this concept is not new, but it has been refined and made much easier to use. In many ways, the technology resembles a honeypot i.e. a virtual machine camouflaged as a valuable system to entice attackers to attempt to compromise the machine. There is also a honeynet, which is a network of such virtual machines. Instead of spoofing single systems, deceptive networks interweave their sensors throughout a company's network to leave the attackers guessing.
Encrypting Everything | Data Security technologies
Security systems are most liable to fail, and so every company should assume that the attacker is already inside.The aforementioned knowledge has shifted many companies from focusing on keeping the attacker out of their networks to focusing on protecting not the systems or the network, but the data. However, encryption, the most common way to protect data, is a hard infrastructure to manage. So, businesses need to identify their most valuable data, encrypt it, and then manage the keys to protect access to the information.
One Data-security firm IONIC, however, takes a different approach to the problem. The first step is to encrypt all the data, everywhere. Once the data is encrypted, then the problem becomes an access-control issue, says CTO Ghetti.
Encryption is easy to manage; what is hard to manage is decryption, Ghetti continued. Assuming you can use certain attributes to control decryption, you can create a platform that is all about data-access control he stated further.
IONIC started few years ago, by attempting to create a platform to retroactively add privacy to social media sites. Ghetti created a system that would encrypt all of a user's posts on a social network, like say, Facebook, and then let the user control who could access groups of posts.
Thereafter, IONIC shifted its focus to helping businesses encrypt their data. By encrypting information at the lowest levels, reading and writing to files or the disk, and then distributing the keys and access controls, the company aims to make a reliable system for decrypting the information. Companies retain control of who can decrypt data, under what circumstances, and what they can do with the data.
Read: How to secure Your Digital Information Online
With the above method, a thief could steal an iPad but not be able to access the data without the proper credentials, or the device could be limited to only accessing sensitive data when connected to the company's wireless network. An attacker could steal a database from a corporate network, but the company could set the information to only decrypt within the database environment and nowhere else."Our favorite demo is we literally hack a system, copy the data, and give it to the client to look at," Ghetti says. "But outside the environment, the data is all encrypted. Even though it was stolen, from an authorized system, while the user has rights, they still cannot get access."
Other related labels for Data Security technologies includes:
- data protection solutions
- data breach
- network security tutorial
- data security certifications
- data network security
- data protection policy
- network security certifications
- information system security
- cyber security information
- information security training
- information security management
- information technology security
- information security policy
No comments:
Post a Comment