Covata says that its new ‘Key-as-a-Service’ (KaaS) offering will initially be deployed with tech giant, Cisco. The service will eliminate the burden of encryption key and access policy management, as well as guarding against upcoming legal and regulatory issues, through patent pending techniques such as key fragmentation and GeoLoc. With the amount of data due to increase exponentially as the Internet of Things (IoT) takes off, securing the keys and achieving data sovereignty will be absolutely vital to avoid hackers using these devices as a vehicle to compromise corporate and personal networks. Cisco and Covata are already looking into a range of IoT and cloud projects that will determine the first Covata KaaS customer to embed the service into their products.
Covata KaaS provides a scalable and tailored framework for protecting content wherever it resides, supporting policy driven access and allowing for full access remediation. Its patent pending Geo Location process shifts the focus from trying to control where data is, to controlling the location of the encryption keys. KaaS eliminates the complex, hitherto unresolved issue of protecting billions of pieces of unstructured data flowing around the internet. KaaS provides an open standard to allow this protection to happen in the background with very little overhead. If access is requested within the data sovereignty jurisdiction, then the policy permits the release of the key. The data also never passes through the key server, as it is encrypted on the device and only the authorised intended recipient can decrypt it. This also ensures a full audit trail for compliance.
In practice, a company may use the geo-policy to block any keys being issued to data that is not physically within a specific countries borders. For example if an employee is travelling to a foreign country and their phone or data becomes compromised on local networks, the hacker will not have access to data as the key will not be issued while the device is in that country – Covata GeoLoc.
Covata KaaS also offers key fragmentation. The master key is fragmented and then delivered to four different data custodians; within Covata KaaS, the government or duly authorised agent of the government from where the generating key service resides, tenancy owner or its nominated escrow agent, and the auditing firm of the Covata KaaS. This ensures that only the federal or authorised parties can access a whole key by obtaining a duly presented court or similar order from the legal jurisdiction of the home key service. In effect, this reassembly process ensures that any government can only gain access to data through a rigorous and open process – not via snooping.
“The Covata KaaS standard security protocol is the only way to maintain the integrity of the open internet,” said Trent Telford, CEO of Covata. “The internet was designed to share information, it wasn’t designed to be secure, which is why continually bolstering perimeter defences is like trying to beat a wild horse into submission. We’re offering a modern approach to security that enables everyone who enjoys the creativity, openness of the internet to continue to do business securely with the same ease and flexibility they expect. Data sovereignty is achieved through key sovereignty – a genuine security revolution and one we think will solve this major 21st century hurdle.”
“The Internet of Things is going to blow the number of machines connected to the internet out of the water, and hugely increase the number of transactions we see occur online. A vast amount of this unprotected data is continually being sent to cloud or big data services where it is aggregated and used for decision-making. With much of this data being either moderately or extremely sensitive, it is creating a potential goldmine for hackers. The ramifications of this data being compromised could range from terrorist attacks shutting down vital operations such as power or transportation systems, through to stealing market sensitive data, which is why IoT needs a new approach to security. Cisco is not just talking the talk in moving to cloud and IoT, but walking the walk like no others,” concluded Telford.
