In 2016, I wrote this blog on Lack of Trust in Big Brother. Since then, the U.S. Government created the Clarifying Overseas Use of Data Act (CLOUD Act), which introduces direct conflicts with the EU’s General Data Protection Regulation (GDPR). While enterprise migration to the cloud has progressed quite extensively over the past five years, many companies continue to wrestle with how to maintain compliance with these potentially conflicting laws. Fortunately, improvements in key management to support Bring Your Own Key (BYOK) services can mitigate those conflicts for easy and compliant cloud migration.
Security professionals are tasked with protecting assets and services, maintaining compliance, and doing so cost-effectively. Clearly, this is a challenging task. The March 12, 2021 ruling by the Conseil d’Etat – France’s highest administrative court – is a perfect example of the balancing act that must be achieved. Fortunately, solutions exist to make this balancing act more manageable.
Secure Multiparty Computation (MPC) is a technology that is gaining widespread interest for both data privacy and protection applications. This article focuses on the use of secure MPC to protect cryptographic keys used for practical enterprise key management applications.
Historically, key management is complex, inflexible, and expensive. Enterprises need key management solutions that …
Instars, the pioneering decentralized and privacy-focused social networking platform, has integrated Sepior’s multiparty computation (MPC) key management to secure digital assets for the Instar Blockchain. Instars.com is the first social networking platform to use a combination of blockchain technology and secure MPC to provide innovative new social networking and personal data exchange services.
A quorum policy is a policy which is used to ensure that different stakeholders approve of some transaction to remove the single point of failure which occurs when only one entity is needed to approve a transaction. Ironically, many ways of implementing such a policy will introduce a technical single point of failure in the very solution intended to remove the original point of failure. The solution is to have each approver provide their share of an approval signature using a cryptographic algorithm which natively generates the transaction signature only when the required number of approvals is satisfied.
In early March, Penneo – the digital signature platform used by Scandinavian businesses – rolled out a new feature for selected customers. The new feature allows customers to protect access to their documents stored in the Penneo managed archive using encryption keys, not controlled by Penneo, effectively separating the lock from the key. Penneo customers who take advantage of this service will have 100% control over who has access to their documents.
For cloud storage services the need for encryption is clear. Using Amazon S3 as the use case, this blog post considers the different choices available for your application when encrypting data stored at cloud storage providers.
