Today begins Day 1 of RSA. We’re coming fresh off the news of our oversubscribed $11M Series A funding round, and we’re excited to share why our technology has garnered this level of confidence from our investors.
It shouldn’t be a surprise that our Microshard™ technology is often compared to encryption or even thought of as another form of encryption. Both are data security and data privacy solutions, and both offer protection for sensitive data.
But is microsharding the same as encryption? Can the two be used together? We’re expecting these questions to come up a lot this week, so let’s jump straight in.
First things first: Microshard technology is not encryption.
When it comes to data at rest, both microsharding and encryption have the same goal of data protection in mind. How the two solutions get there, though, is completely different.
Key-based vs. keyless solutions
When it comes to the most common type of encryption, a foundational concept is the key. I’m going to assume you’re familiar with the adventures of Bob and Alice, so I won’t tell you what you already know. The main takeaway is that keys — and their management and protection — are central to encryption.
Microsharding has no concept of a key. Our “Shred. Mix. Distribute” approach is a form of obfuscation. There is no key rotation or anything akin to key management — so the cost and complexity goes out the window, as do any concerns about third-party key management.
Where we use customer storage, we don’t store any of your data. We simply fragment and re-assemble your data as it goes to and from your storage.
Whole vs. fragmented data
Encrypted data is stored whole; Microshard data is not.
Here’s what I mean: When you store an encrypted file, you store that whole file in a single location. Yes, it’s encrypted, but it’s still the whole file, which could be deleted, re-encrypted with ransomware, exfiltrated for a well-resourced adversary to try to break the encryption over time, or just decrypted with a stolen key.
On the other hand, Microshard technology stores a 1/(x-1) mixed-up fraction of the complete data set across multiple customer storage locations (where x = the number of storage locations minus one) for parity. If a storage location is compromised and your data is stolen, the attacker gets a nonsensical jumble of characters that is only a fraction of the complete data set.
Even with the advanced computational power of quantum computing, an entire Microshard data set cannot be reassembled, since the unauthorized user must first know every location where the Microshard data is stored and then compromise every single storage location.
Data vs. self-healing data
When encrypted data is deleted, it’s gone. End of story.
Similarly, encrypted data that’s been re-encrypted is gone.
And if a storage service containing encrypted data goes offline, that data is also inaccessible.
On the other hand, Microshard data is self-healing data. Think RAID-5 for data in the cloud.
If Microshard data has been tampered with in any way, its self-healing data feature means that we can reconstruct the affected Microshard data to return it to its unaltered state.
We can do the same for Microshard data that is unavailable if a storage provider is temporarily experiencing an outage. This helps maintain uninterrupted access for users.
Encrypt? Microshard? Both?
We have nothing against encryption. It’s a strong, proven approach.
We are also vocal proponents of defense in depth. We believe layering complementary security technologies appropriately is a good thing.
Some customers microshard their encrypted data. Others microshard their data instead of encrypting it, and still others encrypt some data and microshard other data.
The right mix depends on what you need, but here’s some rough guidance:
- Are you subject to any laws/regulations that specifically require encryption? If so, then it’s pretty clear that you should encrypt in order to meet compliance. Consider using Microshard technology for any sensitive data that is out of scope of compliance. And remember that you can also microshard encrypted data for added security.
- Do you manage your own encryption keys? If so, consider using microsharding instead of encryption to significantly reduce the costs and administrative effort that can come with key management. Microsharding can also help mitigate any performance hits caused by encryption.
- Are you using server-side encryption managed by your cloud provider — and feeling uncomfortable with a third party managing your keys? Microsharding keeps you in control of your sensitive data, including where it’s stored and who has access to it. Though we believe cloud providers are trustworthy, outages and user errors still happen, and a misconfiguration can easily expose sensitive data to the entire internet. This is a concern we hear mostly from customers in Europe who are governed by stringent data privacy regulations.
Encryption is a proven security technology with a long history. But it’s also been the only option for securing your data at rest — until now.
With Microshard technology, you have options to select the appropriate mix of cloud data protection for your organization’s needs.
Check us out at RSA
We’ll be at the 2022 RSA Conference in San Francisco this week. Come see us in the Early Stage Expo at Booth #22 (Moscone South, second floor), where we’ll have several exciting things going on:
- Stay for a 10- to 15-minute demo and you’ll be entered in our drawing to win an Xbox Series S.
- I’ll be speaking at 11:20 a.m. PT on June 8 in the Early Stage Expo Briefing Center about microsharding, secure cloud adoption, and data security.
- David Haward-Grau, KPMG US’s Managing Director of Cybersecurity, will be available from 10 a.m. to 12 p.m. PT on June 9 to discuss KPMG’s participation as a strategic investor in our Series A funding and our joint go-to-market plans.
- We’re also pleased to have been an RSA sponsor of the Cloud Security Alliance’s CxO Trust Summit on June 6.
Stop by, say hi — and grab some swag while you’re at it. Or visit us online to learn more and schedule a demo.
Can’t make it to RSA?
Stay tuned over the next couple of weeks as we add more web content and FAQs to help you better understand microsharding, self-healing data, Microshard use cases, deployment options, and more.
Our resources will help you evaluate how we can help you maintain business continuity and protect your data in the cloud.