Finally Friday – a time to ponder with a pint of real ale

print
My company Enigma Bridge built a truly scalable (in all meanings of the word) hardware platform (with FIPS140-2 Level 3). OK, you have no idea what I talk about… that is one of our communication problems.

How can we explain to people what is the advantage of using tamper-resistant hardware. What is the advantage of hardware separation – something our platform provides even when packaged as a cloud service.

tumblr_inline_nuw5a8GcEf1tc653u_540

Photo: SplitShire (yes, it’s 1/2 litre of one of the big brands – not a pint of a local real ale) 

People tend to say that, e.g., software encryption is quite enough for their needs. I find it hard to explain how to use common sense for security, that everyone has his/here motives and interests that are not quite aligned with anyone else, including users. Right, maybe I’m just too distrusting of authorities, corporations, etcetera, as I remember communism from my home country Czechoslovakia.

Cloud providers promise to look after our data, with all technology available.

“… you inherit all the best … policies, architecture, and operational processes built to satisfy the requirements of our most security sensitive customers …”

How far can such a promise go? The answer has changed recently due to Snowden effect. Authorities can request access to our data and serve an injunction at the same time, so no-one can tell “owners” of the data in question.

I believe that tamper-resistant hardware restores the balance of interests – cloud providers can still do their business, while customers keep good-enough control over their data.

Is it really the case we want and do trust big brands, or is it a bit a question of price? I ponder … do you?

 

Published by

Dan Cvrcek

Founder and CEO of Enigma Bridge, engineer, entrepreneur, cryptography SME, security architect, and professor.