StrongSalt Helps Customers Gain Compliance Through Searchable Encryption for Cloud Services and Enterprise Applications
Encryption is often described as the best defense against hackers, and the strongest solution for compliance with GDPR, CCPA and other data protection and privacy laws around the world.
But encryption is hard on two counts. First, while peer-reviewed cryptographic algorithms are strong, their implementation is often poor. As long ago as 1997, cryptographer Bruce Schneier warned that cryptography is harder than it looks because the systems using it are designed by engineers who think of cryptography as just another component. "Under pressure from budgets and deadlines," he wrote, "implementers use bad random-number generators, don't check properly for error conditions, and leave secret information in swap files." Nothing much has changed.
The second issue is the usability of encrypted data. Data scrambled to be unusable by cybercriminals is equally unusable by the company owning the data. For these two reasons, many companies who know they should encrypt their users' personal data simply do not.
There is a solution to the second issue called 'searchable encryption'. This is a special subfield of cryptography that has been around since 2000 -- but it has its own difficulties. These are it is generally difficult or costly to implement, and is then slow in operation. "Existing systems can achieve what they claim to achieve," Ed Yu, founder and CEO at StrongSalt, told SecurityWeek, "but they're just too slow."
These are the encryption issues tackled by StrongSalt, founded in 2015 by Yu, who was formerly the founding engineer at FireEye. The chosen route has been to develop a Privacy API platform to make implementing s ..
Support the originator by clicking the read the rest link below.
