Keeping data private and secure has become increasingly challenging for companies. Data usually has to be stored on behalf of users on a server or cloud service somewhere. Responsibility for security and privacy lies with the company storing the data. This involves several hurdles. First of all, data breaches have become extremely common. A black market for user data has emerged that makes it extremely profitable for bad actors to launch sophisticated cyber attacks aimed at stealing private data. Secondly, privacy regulations, such as GDPR and CCPA, make it hard for data hosts to comply, especially so in specific industries, for example, HIPAA-compliance in the healthcare sector.
In terms of cybersecurity, a large number of incidents have shown that companies simply lack the capabilities to implement the required safeguards. Even the biggest names in technology have had embarrassing data breaches, as just again demonstrated by the latest large-scale Twitter hack.
Figure 1: Traditional Blanket Encryption
Most encryption systems blanket-encrypt data by securing all data with the same key, for example, by encrypting a file storage system or a whole database. Some systems improve on this by at least providing each user with their key for securing data. We go one step further: the SylLab API provides a separate key for all individual data items. This means that whenever you send a block of data, usually a fil, to the service, the underlying key management system generates a new encryption key.
The SylLab API uses state of the art encryption. Based on 256-bit AES encryption, the underlying system uses an underlying key management system to isolate stored keys.
Figure 2: SylLab High-granularity Encryption
This not only provides better security, but it also removes the incentive for large scale attacks. A worst-case scenario data breach would provide the attacker with a single data item, which means that it simply does not make economic sense for most hacker groups to launch an attack with the goal of selling data on the black market.
Let us Deal with Cryptography for You
SylLab Systems is proud to announce the release of the SylLab encryption API. This API is the first in a range of products offered under the Cryptography as a Service paradigm. As companies struggle with applying complex cryptography directly, it only makes sense to let the experts deal with encrypting the data. SylLab API clients can focus on their business logic, and simply make an API call to encrypt and store data. Optionally, data storage can also be dealt with by the client, allowing integration with existing software or third-party solutions.Changing the Economics of Attack Vectors
Figure 1: Traditional Blanket Encryption
Most encryption systems blanket-encrypt data by securing all data with the same key, for example, by encrypting a file storage system or a whole database. Some systems improve on this by at least providing each user with their key for securing data. We go one step further: the SylLab API provides a separate key for all individual data items. This means that whenever you send a block of data, usually a fil, to the service, the underlying key management system generates a new encryption key.
The SylLab API uses state of the art encryption. Based on 256-bit AES encryption, the underlying system uses an underlying key management system to isolate stored keys.
Figure 2: SylLab High-granularity Encryption
This not only provides better security, but it also removes the incentive for large scale attacks. A worst-case scenario data breach would provide the attacker with a single data item, which means that it simply does not make economic sense for most hacker groups to launch an attack with the goal of selling data on the black market.