In the world of paper and coin, if I want to protect my valuables – things like stock certificates, my grandfather’s watch, etc., I would put them in a safe deposit box at the bank. Of course, there are numerous other options: under the mattress, in the breadbox, in a coffee can buried in the back yard under the big oak tree, or maybe in the sock drawer. But, for this, let’s go with a safe deposit box.
When I’m assigned a safe deposit box, I am given a key. The only other key that matches my key is a key the bank holds.
In order for me to access my safe deposit box and get to my valuables, I must go to the bank, with my key, and the bank must use their matching key in order to open the safe deposit box and allow me to gain access to my valuables.
However, in the digital world – the world of bits and bytes – my valuables are my data. The same is true for enterprises. Second only to their employees, data is their most valuable asset. Using the previous analogy, an enterprise’s ‘grandfather watches’ and ‘stock certificates’ are their data.
The problem when trying to use a ’safe-deposit box’ model in the digital world is scale. Unlike the bank with only 200 safe deposit boxes and 200 associated keys, an enterprise might have 200 million pieces of data they want to protect. This means the key management for the bank is tolerable and possible. But, for today’s enterprises, protecting 200 million pieces of data, each with their own key, is not so easily accomplished – especially if you’re using SSL/TLS. Furthermore, do you really want to use open source security? Say it out loud: open source security. It’s an oxymoron like miniature giant.
Rather than protect the data itself for the past couple of decades, banks (and every other enterprise) have deployed solutions intended to keep the bad guys out of their network…or catch them if they get in. Think about it: if a bank protected my valuables with the same approach, the first thing they would do is build a wall around the bank. Then they would put a guard at the door to check ID. Maybe they would set up a metal detector for everyone or maybe just strangers. They might even use badges for electronic entry to every room. Yet, if a thief did get in, all of the valuables would just be piled up in different rooms ready for the taking.
Isn’t it time to start protecting your organization’s second most valuable asset? Your data.
With CENTRI you can start protecting what’s most valuable: the data. And do it without requiring a key vault or Hardware Security Module and virtually eliminate the key management burden.
CENTRI can protect, with encryption and optimization – data at rest, in motion, and in use – all using a single, patented vault-less platform. You can even replace your SSL libraries in your corporate-developed applications; CENTRI Secure for Developers includes libraries that will plug right in using the same API’s. Unlike SSL/TLS, it’s extremely fast, it’s private, and there are no gaps; CENTRI never transmits a single byte in the clear.
Thanks for reading,
About the Author: Grant Asplund is the Vice President of Sales and Business Development at CENTRI. Grant has over 30 years of experience in sales, marketing, business development and management in enterprise software. He enjoys sharing his thoughts on security online and presenting at industry events. Connect with Grant on LinkedIn.