Cloud Security Now!
The Infinidrive™ by EsoteraS3® is an enterprise-scale SaaS platform that renders highly sensitive unstructured files as indistinguishable fragments to unauthorized viewers, yet makes them accessible to the owner worldwide. It is a robust solution for companies struggling with managing unstructured files.
Infinidrive™ by EsoteraS3® is a unique platform for the secure storage of your most sensitive, unstructured electronic files.
EsoteraS3® provides a turnkey application deliverable through a SaaS business model. For enterprise applications, EsoteraS3® provides a high ROI based on the unique value of the solution and the low-cost application delivery.
Infinidrive™ by EsoteraS3® is not a generic online storage solution. It has been designed to store clients’ most sensitive, unstructured data files that any potential theft, loss or leak could prove disastrous to the organization.
The technology electronically shreds a file on upload and then disperses block fragments randomly across hundreds or thousands of Infinidrive™ server locations. The complete file can only be reconstituted in real time by the unique token or key-holder using a patented EsoteraS3® 256-AES encryption algorithm over IP. As a user, you see your personal Infinidrive™ file directory just as you would expect to see any other file directory when you use the token or USB key. To anyone else, your physical file does not exist on any server.
This hard-drive-independent solution provides a never-before-available combination of complete data discretion with total user mobility. With 3-block redundancy, the data is always available world wide, which eliminates the need to store sensitive data files on any other storage device as backup.
Infinidrive™ by EsoteraS3® does more than just store sensitive files. It is also a ‘Key to mobile office Productivity’ through a combination of value features:
Security – Infinidrive™ by EsoteraS3® is the most secure file management software currently available in the world.
Mobility – Securely access your data through any internet connection device.
File Sharing – Enable file sharing in the most controlled, secure environment.
Real-time Data Protection – No more burning to CD or tape drive and storing off site. When changes are made to identified files or folders, those changes are sent to Infinidrive™ servers in real time for protection.
No Restore Procedures – Computer crashes? No problem. Just move to a different computer to access your files, and you are back in business.
The Infinidrive™ platform by EsoteraS3® is extremely secure due to our patent-pending encryption method and triple-redundancy storage technique. No data is stored on any device
As a turn-key enterprise solution, InfiniDrive™ can operate either inside or outside your corporate firewall. Your corporate files are stored as millions of encrypted, anonymous file fragments spread randomly across thousands of servers inside your firewall. You never have to worry about storage availability for these files and it is your organization who decides which of your employees can access their files outside your firewall.
Small, portable laptops are inexpensive and very popular. Ultraportable laptops provide streamlined and simplified use. They are easy to move around and run only a handful of modest applications. Ultraportables provide more power and functionality than a smartphone but are more convenient than conventional laptops. They are also economical. But all that convenience comes with built-in compromises.
Ultraportables typically feature a small keyboard and screen, a processor that lags at least a generation or two behind, and only a few gigabytes of solid-state memory and storage.
Here is the potential security nightmare. The characteristic of ultraportables that is striking fear into the hearts of IT managers: protecting the important files located on those machines.
Minimized hardware resources force ultraportables — and their users — to cope with weakened system software that underprotect those files. Most models ship with a stripped-down Linux operating system or, in some cases, Microsoft ‘s previous-generation operating system, Windows XP. The machines are often sent out into the world with little or no protection. These systems do not provide adequate protection.
Sensitive data can be secured with the EsoteraS3 solution. Use the EsoteraS3 USB stick with your ultraportable. Your files are not stored on the USB stick; they are safely encrypted on secure servers. Data never gets stored on the ultraportable device. But when you need your data, just access them or plug your USB stick into any other computer on the Internet.
That way, if the laptop is stolen, the sensitive data doesn’t go with it — the data always remains highly secured.
EsoteraS3® is an enterprise-scale SaaS platform that renders highly sensitive unstructured files as indistinguishable fragments to unauthorized viewers, yet makes them accessible to the owner worldwide. It is a robust solution for companies struggling with managing unstructured files and is an ideal tool for ultraportables. Sensitive data can be secured with the EsoteraS3 solution. That way, if the laptop is stolen, the sensitive data doesn’t go with it — the data always remains highly secured.
The current market for secure information storage solutions is divided into many areas: edge-of-network, network infrastructure, dedicated hardware/software and storage-over-IP offerings. Gartner values the information security industry to have a market value of $18 bn and growing.
It is a competitive industry in which there is no theory of unification regarding platform, protocol or storage configuration. Information Security solutions are largely implemented as a reaction to the ‘probability of threat’. This explains why there are many solutions.
If enterprises implemented their information security based on the ‘implication of loss’, employees would be chained to their desks for the duration of their workday, and access to shared networks would revert to the archaic days of overnight job submission. Cybertheft is a drain on the economy, but the degree to of cost from lost informatIon cannot be fully quantified.
IDC recently conducted a survey of 244 IT executives/CIOs and their line-of-business (LOB) colleagues about their companies’ use of, and views about, IT Cloud Services.
EsoteraS3 lines up nicely against these criteria. Our offering for unstructured files is extremely secure due to a patent-pending encryption method and triple-redundancy storage technique. The performance of the Infinidrive™ compare favorable to existing non-cloud systems. Our SaaS module provides ubiquitous availability that is easily integrated to in-house systems. EsoteraS3 is committed to delivering high value and economy. The system can be brought in-house as a turn-key enterprise solution. InfiniDrive™ can operate either inside or outside corporate firewalls. We are working to obtain certification to align with regulatory requirements on several fronts. Our intent is to be the dominant player in the unstructured data sector. Source: http://cloudsecurity.org/
The growing volume of unstructured data stored by companies is creating a security hole, according to new research from the Ponemon Institute. Unstructured data, such as information stored in spreadsheets, documents, presentations, multi-media files and blueprints, can make up a majority of digital business assets. Eighty-nine per cent (89%) of respondents to the survey admitted that controlling access to unstructured data remained a major challenge. Eighty-four per cent (84%) indicated that controlling unstructured data access will remain important or become more important within their company in the next two years.
The report found that the rate at which unstructured data is being created makes the challenge of managing and protecting the information “exponentially” more difficult. This study exposes a serious flaw in the unstructured data security processes of many companies. Inadequate data governance may afford improper access to sensitive information by unauthorized individuals. The research consistently shows that insiders present a huge threat to unstructured data integrity. It also highlights that without proper governance mechanisms in place, it is impossible to prevent these insiders from accessing unstructured information inappropriately.
So how do you manage unstructured files such as Word documents, Excel spreadsheets, text files, PDF files or flat-file databases? A large percentage of these files that contain sensitive information are strewn across your network on every storage device imaginable.
Clearly, access controls are needed to keep roving unstructured data secure. Here are some issues to consider about the use of unstructured data in your organization (Note: This list was adapted from a piece written by David Linthicum (Approaching Cloudsizing).)
1. Impact to business of a data loss
2. Access the culture to comply with systems and policies
3. Access the value of the data
4. Understand your data – its use, lifecycle mobility, etc.
5. Understand your IT services
6. Understand your IT processes
7. Understand your existing IT resources
8. Identify candidate unstructured data
9. Identify candidate IT services
10. Identify candidate IT processes
11. Create a governance strategy
12. Create a security strategy
13. Bind candidate services to data and processes
14. Relocate services, processes, and information
15. Implement security
16. Implement governance
17. Implement operations
Until recently, the unstructured data file dilemma has not been the central focus of most security vendors and IT professionals. Perimeter security controls using firewalls and intrusion detection systems have had a prime focus. The idea was that if you keep the bad guys off our network, especially the storage area network (SAN), nothing bad could happen. This simply isn’t reality. Consider:
- Applications that leave temporary unstructured data files in common drives such as temp directories, the root of the C: drive, and program installation folders
- Laptop computers that travel the world with important unstructured data files can be stolen, accessed or lost
- Users copying unstructured data files from the server to their local Windows desktop so that they can work while travelling
- Users habitually saving sensitive information
It is fine to have your SAN or network attached storage (NAS) environment “locked down.” Sensitive information spread across your network must be managed accountably. Storage security is coming of age and it is critical to rein in your sensitive files both inside and outside of your traditional storage boundaries. Written policies will not get your users to store sensitive information in the proper places. Users generally go down the path of highest convenience, pushing security aside if it gets in the way of getting their jobs done.
The Infinidrive™ by EsoteraS3® is an enterprise-scale SaaS platform that renders highly sensitive unstructured files as indistinguishable fragments to unauthorized viewers, yet makes them accessible to the owner worldwide. It is a robust solution for companies struggling with managing unstructured files.
EsoteraS3 adds many orders of magnitude of security to existing storage systems by hiding both the content and the location of your data. Its managed redundancy technique ensures your data is never lost.
The Conventional Way to Store Data
Conventional systems encrypt the channel over which your data flows or encrypt your file before it is sent. They have complex authentication processes that prove that you are entitled to store or obtain data from their equipment. In all cases, each file is treated as a single entity and resides on a final server or storage device as one piece. Your data is protected from theft through the physical security of the site or by the encryption of its content. It is protected from loss by a regular backup procedure to off-line media such as magnetic tape.
The EsoterasS3 Way
EsoteraS3 Mass Storage System uses mathematics to hide enterprise data. In preparation for writing, each file is broken into small blocks that are individually encrypted. A mathematical algorithm called an ‘Address Transform’ is executed which uses exactly two pieces of information: the fully-qualified name of your file (which includes the names of the sub-directories in which it is located) and your Personal Encryption Code. This algorithm creates a series of instructions that specify on which of one hundred or more computers each block should be stored and where on the specific computer it should be placed. These instructions are executed to transfer each of the blocks to their final positions. When it is time to read back your file, the Address Transform uses the same information (the name of your file and your privately held Personal Encryption Code) to recreate the storage instructions and get each block back. These blocks are then decrypted and used to reassemble your file.
Think of a jigsaw puzzle. Imagine that each piece of the puzzle has its own ‘Peer Index’ and ‘Block ID’ numbers. The Peer Index tells you in which of hundreds of piles of puzzle pieces the piece will be stored. The Block ID allows you to quickly locate the piece in the pile of 100 million pieces. If you know the sequence of Peer Indices and Block IDs that belong to the puzzle in the order in which the pieces fit, then solving the puzzle is not too hard. Now try solving the puzzle without this information when the puzzle pieces are mixed in with many separate piles of 100 million other similar-looking puzzles.
It is not possible to recreate the sequence of Peer Indices and Block Ids calculated by the Address Transform without knowledge of the Personal Encryption Code. This is how EsoteraS3 hides the ‘location’ of your data. An attacker would have to make 264 = 18 billion, billion guesses on each of hundreds of servers to locate each block in the sequence that forms your file. Each guess requires time to transmit to a EsoteraS3 server computer, be processed and return an answer. Even then, the attacker would have to decrypt each block and reproduce the correct order.
This adds up to eons of time even if the attacker has a large number of computers working on a fast network to solve the problem. Your data is safely hidden by the huge numbers involved.
At any time, you can decide to recreate your Personal Encryption Code and restore your data. This forces the attacker to start again from scratch.
Mathematics is also used to protect your data from loss. The EsoteraS3 system actually stores a minimum of three copies of each block on different servers. Should any of these computers fail, ‘data regeneration’ is automatically scheduled within the hour which replaces the third copy of the block on a different computer. This technique of ‘Managed Redundancy’ ensures that your enterprise data is always safe.
3. Professional Security Industry: private security service professionals in the fields of access, transportation, protection, law enforcement and paramilitary that maintain restricted, unstructured data files that may need to be accessed from multiple locations with a higher degree of security than a vpn.
