Beyond Basic Encryption With End-to-End Security and Key Management
Security is still a concern for many businesses when sending data to the cloud. And due diligence is important, since not all clouds are created equal when it comes to data protection. For example, some clouds encrypt your data while it is in the cloud, but leave it “in the clear” while it’s being transported. Others, though they encrypt the data before storing it, transport the data to their datacenter via a single internet connection, creating a single point of attack and potential failure. It’s also important to consider how a cloud solution generates, stores, and manages the keys that protect your data from perpetrators.
The Symform Cloud Ensures Industry-Leading Data Protection
- Symform’s Resilient Storage Architecture breaks your data into blocks
- Each data block is then protected with a unique AES-256 encryption key, generated and managed by Symform Cloud Control
- Each block is then shredded into 64 fragments, with 32 parity fragments added for redundancy, fortifying data protection even further
- Data fragments are finally distributed to 96 random servers on the Symform Global Cloud Storage Network.
- Our security procedures are certified by the industry standard mandate SSAE 16 (formerly SAS 70 type 2).
Symform Keeps Your Data Safe From Threats
Symform is much more secure than a typical datacenter-based solution, which leaves you vulnerable to human-generated keys and key management, as well as to the dangers of storing all your data in a single location. For a perpetrator to compromise just one block of data in the Symform Cloud, they would need to be able to identify the random computers where the fragments of the block were stored, extract the fragments, and reassemble them. They would then have to break into Symform’s Cloud Control to search for the computer-generated, 256-bit block key. They would need to repeat this process for potentially hundreds of blocks just to reassemble one file.
Why All Encryption Keys Are Not Created Equal:
Encryption is only as good as the strength of the key used. Human generated keys are easy to break and hard to manage. What’s more, they make it really hard to de-duplicate data unless it is all encrypted with the same key, which compromises security. Symform does better. Symform automatically encrypts each block of data with a unique, 256-bit key, which it generates by performing a SHA256 hash on the block itself. Because it uses the hash of the block as the block’s key, Symform is able to de-duplicate the blocks without needing to decrypt them. Each block is encrypted using the federally certified AES-256 encryption algorithm–exponentially stronger than 128-bit encryption, the federal minimum. Symform automatically manages these large unique keys as part of block information in Symform Cloud Control, bypassing the weaknesses of human key generation and management.
Furthermore, by encrypting using the hash of the block as its key, Symform is able to de-duplicate the blocks without needing to decrypt them! If the block already exists in the system, it will not need to be re-uploaded or stored – achieving storage and bandwidth efficiency without compromising any security.