It shouldn’t be a surprise that our Microshard™ technology is often compared to encryption or even thought of as another form of encryption. Both are data security and data privacy solutions, and both offer protection for sensitive data.
But is microsharding the same as encryption? Can the two be used together? We’re expecting these questions to come up a lot this week, so let’s jump straight in.
First things first: Microshard technology is not encryption.
When it comes to data at rest, both microsharding and encryption have the same goal of data protection in mind. How the two solutions get there, though, is completely different.
When it comes to the most common type of encryption, a foundational concept is the key. I’m going to assume you’re familiar with the adventures of Bob and Alice, so I won’t tell you what you already know. The main takeaway is that keys — and their management and protection — are central to encryption.
Microsharding has no concept of a key. Our “Shred. Mix. Distribute” approach is a form of obfuscation. There is no key rotation or anything akin to key management — so the cost and complexity go out the window, as do any concerns about third-party key management.
Where we use customer storage, we don’t store any of your data. We simply fragment and re-assemble your data as it goes to and from your storage.
Encrypted data is stored whole; Microshard data is not.
Here’s what I mean: When you store an encrypted file, you store that whole file in a single location. Yes, it’s encrypted, but it’s still the whole file, which could be deleted, re-encrypted with ransomware, exfiltrated for a well-resourced adversary to try to break the encryption over time, or just decrypted with a stolen key.
On the other hand, Microshard technology stores a 1/(x-1) mixed-up fraction of the complete data set across multiple customer storage locations (where x = the number of storage locations minus one) for parity. If a storage location is compromised and your data is stolen, the attacker gets a nonsensical jumble of characters that is only a fraction of the complete data set.
Even with the advanced computational power of quantum computing, an entire Microshard data set cannot be reassembled, since the unauthorized user must first know every location where the Microshard data is stored and then compromise every single storage location.
When encrypted data is deleted, it’s gone. End of story.
Similarly, encrypted data that’s been re-encrypted is gone.
And if a storage service containing encrypted data goes offline, that data is also inaccessible.
On the other hand, Microshard data is self-healing data. Think RAID-5 for data in the cloud.
If Microshard data has been tampered with in any way, its self-healing data feature means that we can reconstruct the affected Microshard data to return it to its unaltered state.
We can do the same for Microshard data that is unavailable if a storage provider is temporarily experiencing an outage. This helps maintain uninterrupted access for users.
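To make the RAID-5 comparison concrete, here is an added example (not Microshard code, and not taken from the product) that stripes a constructed sample record across n locations with one rotating XOR parity chunk per stripe, then rebuilds the data while any single location is unavailable. The function names, the 4-byte chunk size and n = 4 are assumptions, and there is no mixing step, so each location's chunks here are readable plaintext fragments.

```python
from functools import reduce

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def distribute(data: bytes, n: int, chunk: int = 4):
    """Stripe data over n locations: n-1 data chunks plus one rotating XOR parity chunk per stripe."""
    if n < 3:
        raise ValueError("need at least 3 locations")
    k = n - 1
    padded = data + bytes(-len(data) % (k * chunk))  # zero-pad to whole stripes
    locations = [[] for _ in range(n)]
    for s, off in enumerate(range(0, len(padded), k * chunk)):
        pieces = [padded[off + i * chunk: off + (i + 1) * chunk] for i in range(k)]
        pieces.insert(s % n, reduce(xor_bytes, pieces))  # parity slot rotates, as in RAID-5
        for loc, piece in zip(locations, pieces):
            loc.append(piece)
    return locations, len(data)

def reassemble(locations, length: int) -> bytes:
    """Rebuild the data; a location that is None (outage) is recomputed from the others."""
    n = len(locations)
    lost = [i for i, loc in enumerate(locations) if loc is None]
    if len(lost) > 1:
        raise ValueError("single parity can rebuild only one lost location")
    stripes = len(next(loc for loc in locations if loc is not None))
    out = bytearray()
    for s in range(stripes):
        pieces = [None if loc is None else loc[s] for loc in locations]
        if lost:  # XOR of all n chunks in a stripe is zero, so the gap is the XOR of the rest
            pieces[lost[0]] = reduce(xor_bytes, [p for p in pieces if p is not None])
        del pieces[s % n]  # discard the parity chunk
        out += b"".join(pieces)
    return bytes(out[:length])

SAMPLE = b"constructed sample record: id=0001 status=active"  # constructed input

def demo():
    locations, length = distribute(SAMPLE, n=4)
    results = []
    for down in range(4):  # simulate each location being unavailable in turn
        degraded = [None if i == down else loc for i, loc in enumerate(locations)]
        results.append(reassemble(degraded, length) == SAMPLE)
    return results

if __name__ == "__main__":
    print(demo())
```

XOR parity on its own can show that a stripe is inconsistent but not which chunk was altered, so repairing tampered data with this scheme also requires a per-chunk integrity check to identify the bad location first.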
Yes.
We have nothing against encryption. It’s a strong, proven approach.
We are also vocal proponents of defense in depth. We believe layering complementary security technologies appropriately is a good thing.
Some customers microshard their encrypted data. Others microshard their data instead of encrypting it, and still others encrypt some data and microshard other data.
The right mix depends on what you need, but here’s some rough guidance:
Encryption is a proven security technology with a long history. But it’s also been the only option for securing your data at rest — until now.
With Microshard technology, you have options to select the appropriate mix of cloud data protection for your organization’s needs.
We’ll be at the 2022 RSA Conference in San Francisco this week. Come see us in the Early Stage Expo at Booth #22 (Moscone South, second floor), where we’ll have several exciting things going on:
Stop by, say hi — and grab some swag while you’re at it. Or visit us online to learn more and schedule a demo.
Stay tuned over the next couple of weeks as we add more web content and FAQs to help you better understand microsharding, self-healing data, Microshard use cases, deployment options, and more.
Our resources will help you evaluate how we can help you maintain business continuity and protect your data in the cloud.