Tuesday, 11th August 2020

Rendering stolen data useless to hackers

Timely move given the increasing frequency of devastating attacks globally as the kit allows developers for the first time to build secure data encryption into applications from inception.

Qredo, the data security specialist, announces the beginning of a beta programme for its unique “quiet cloud” architecture, which for the first time enables developers to build cutting-edge encryption into applications from the outset, backed by its highly secure cloud platform, protecting all data stored and transmitted.
This makes the Qredo software development kit (SDK) the only cloud-backed platform that addresses the increasing global problem of server data breaches. The SDK will revolutionise application development as it removes the single biggest barrier to a wider adoption of encryption - difficulty of integration. As part of the beta programme, it is immediately available to anyone who needs a new weapon to keep their applications secure.
Although systems integrators are required to comply with international network security standards, most of these focus on the procedures followed when building a system rather than assessing the security of the end system. The remainder often focus on infrastructural security, rather than data security: making the castle walls higher, but offering no protection if the thief finds a way into the keep. Encryption technology can help, but is typically deprioritized by developers because it is too onerous to use with cloud services, particularly for those not trained in cybersecurity.
Qredo’s quiet cloud uniquely solves this problem by wrapping up the encryption of data with those cloud services, in a manner that does not require expertise in either security or cloud services. The encryption keys, which are the only way data can be accessed, are strictly unavailable to Qredo and, more importantly, to anyone who may breach Qredo’s infrastructure. Qredo offers two components at present: the bulk storage of data, and a message queueing facility for communication between two devices, with more components under development.
The encryption techniques used by Qredo do not depend on obsolete or questionable standards, but on de facto standards set by a wider, expert security community. The Qredo SDK will be open sourced, allowing third-party auditors to publically review and attest to its security.
Any application use case where data needs to be kept private is an ideal use for Qredo, such as synchronized file storage, instant messaging, private journaling, secure credential storage or bitcoin wallets. But Qredo’s usability means that even seemingly open use cases such as gaming applications can make use of it, by accelerating development of storage and networking mechanisms.
According to Juniper Research, the cost to businesses of data breaches globally is forecast to reach US$2.1trillion by 2019, four times the estimated cost of global data breaches in 2015, as hackers are daily getting more proficient at harvesting data illegally.
Recent UK Government figures show that the average cost of a single security breach has risen sharply and the cost to a large business ranges from close to ?1.5m to more than ?3m, up from a range of ?0.6m to ?1.15m a year ago. Meanwhile, small businesses saw a sharp rise in the number experiencing cyber-attacks, up from 60% to 74% in just one year. These statistics tell us that hacks are increasing in frequency and costliness, and without action the trend is to set to continue.
Even more onerous will be fines levied under new EU data protection laws, which will be implemented by the end of 2017. Under these laws, companies could incur fines of up to 4% of their global annual turnover and will have to notify the Information Commissioners Office of any breaches within 72 hours. Qredo will help compliance in advance of mandated changes in security.
A report last year by one global data management and analytics consultancy estimated that, if the c.20% of companies surveyed who said that they had been breached experienced another serious breach over the next 3 years, these UK businesses would face fines totalling ?20bn.
According to research published by Bank of America Merrill Lynch, the global cybersecurity solutions market is estimated at US$75-77 billion and forecast to reach US$170 billion by 2020. A report from Markets and Markets also predicted a similar future, estimating the market will grow at a compound annual growth rate (CAGR) of 9.8% over the next five years.
Justin Megawarne, Lead Developer, commented:
“We have realized that cryptography is the most powerful weapon we have in the fight against mass data breaches, loss of privacy, stolen identity, and more. But it has been passed over because of the difficulty of combining it with other technologies such as cloud services and application platforms, despite the very best will and intentions of the skilled developers out there.
So we have built the Qredo quiet cloud as a new tool specifically aimed at making encryption easy to integrate. And nobody need take our word for it: we’ll make the source openly available to our early adopters, and later the world, so that anyone can see for themselves that we live up to our claims. Qredo means “I believe” and we will stick to that principle.
The amount of hacks and data thefts are only going up exponentially, and we think it’s time to fight back. Any developers who want to join our beta programme will get the very best of Qredo’s efforts through our new quiet cloud technology, and our personal support in waving goodbye to data theft.”
New high-performance NSsp firewalls, cloud-native management and on-prem threat analysis upend enter...
Study conducted by analyst firm ESG explores security trends and challenges emerging in modern appli...
Sophos has published a multi-part research series on the realities of ransomware, including an indus...
Yet only four out of 10 security leaders in the UK can answer the question, “How secure, or at risk,...
Half of first-time security analysts working in Security Operations Centres (SOCs) plan to leave aft...
Malware attacks abusing machine identities grew eightfold over the last 10 years.
Netskope Cloud and Threat Report reveals massive shift in user behaviour and increased risk as perso...
LogRhythm has released its report, The State of the Security Team: Are Executives the Problem? The s...