Few companies recognize the value of their data until it is gone or being held for ransom. The biggest assets in the past were physical – land, buildings, and machinery, but that has rapidly transitioned to intellectual property and data. The advent of the internet has made it easy to store and exchange data globally and with it have come thousands of services, paid and free, vying to help manage our biggest asset.
Is a free service really free? Are the services safe, equal? No!
Personal and Corporate data is today’s gold rush evidenced by:
- The largest companies extraordinary profits from the management of data.
- The advent of ransomware gangs that hold data for ransom and/or auction it to the highest bidder on the dark web.
Obviously our collective data is immensely valuable but few individuals and companies really know where it is – it’s usually scattered across multiple sites, drives, and systems on other companies’ property. As enterprises grow and adopt more cloud based technology, the attack surface is growing (CSO report on Cicer One’s Cyber Security News) As we grapple with the idea that our gold is in other people’s hands, it becomes apparent that cloud storage and apps simply aren’t suitable for the all data storage and exchange that needs to be kept secure.
Ask yourself, if my sensitive information is published or sold on the web:
– what would it cost me to recover
– what would it do to my reputation
– am I legally liable to my clients or vendors for losing their IP?
Many companies don’t recover from a serious data breach. Cicer One now offers 3 solutions for companies to protect their sensitive data assets:
– Cloud SCUTE – this is hosted in a secure facility and Cicer One cannot access the data by design. It is a good place to start securing your data and you can easily transition to Hosted or On-Premise SCUTE.
– Hosted SCUTE – Cicer One hosts dedicated physical hardware that only you can access. The hosted service provides redundant power and network which is not available on premise for many companies.
– On-Premise SCUTE – the most secure version has the physical keys and system hardware located on your premises and in your complete control.
Get ahead of your competitors and the nefarious criminals and ensure the safety of your data ‘gold’ for all the stakeholders including employees, clients, vendors, and investors. Purchase your own SCUTE or reach out to us for a 30 minute demo.
Do you really know where your data is?
Data is the biggest asset for today’s companies. All our intellectual property is now digital and we exchange it so often we take the magic of networks and the internet for granted.
In the past, we exchanged data and intellectual property point to point through snail mail, faxes, courier, and other physical means. We were certain that the information exchange was secure and data loss and theft was rare.
The advent of networked computers in an office made the exchange and storage of information faster and more economical and we experienced the same feeling of security as we had with physical versions of data.
However, few people understood the risks and exposure inherent with sharing data across the internet – we assume it is as safe as sharing it within our corporate walls. We didn’t expect:
- The cloud service providers to build business models profiting from scanning the data exchange and profiling the users. We didn’t expect them to store copies of the data at exchange points.
- We didn’t expect friendly and unfriendly governments to capture the data exchange and store it.
- We didn’t expect an entire cloud-based software and data storage industry to be built with a business model of anonymizing and selling the data and user exchange profiles.
Cicer One has built SCUTE to address all these concerns. SCUTE enables companies to have the same point to point exchanges they experienced within their own walls while enjoying the benefits of easy and simple exchanges with selected external companies and users.
SCUTE’s answer to the question for you and your company stakeholders is – MY DATA IS OWNED BY ME!
- Your data (your highest value asset) is exposed to 3rd party companies who, without your knowledge, scan, anonymize and profit from all your intellectual property and customer transactions.
- Your data is accessed by people not employed in your company and not subject to the legal terms and conditions you set with your clients.
- Your data can be stored anywhere in the world and in many cases is accessed by foreign governments.
- It is difficult to meet the multitude of compliance frameworks when it is impossible to audit and track the physical location of your data.
At Cicer One, we recognize that cloud computing isn’t the right answer for everything. We’ve created a better way that allows you to safely share, control and monitor the critical data exchanges between your employees, clients and suppliers while keeping it exclusively your property and under your control.
Like most business leaders, you’re probably concerned about trusting that your most sensitive data and information is secure in the cloud.
Your concern is valid!
Over the past decade many industries have switched from primarily on- premise computing to cloud computing. There is no doubt that cloud computing has helped companies reduce their IT costs, improve data access and increase agile scalability. This is all amazing for data and information that is public in nature.
However, the cloud darkens when you consider this same level of access relative to your most sensitive and valuable data and information.
Consider the points below:
1. Privacy – You need to understand the policies of your cloud provider as well as your own legal obligations when it comes to protecting privacy. Given that employees within your cloud service provider can access your information without your knowledge, lack of privacy is a top concern!
2. The cloud never forgets – it is impossible to completely erase data when shared through many cloud service providers due to their exchange and storage policies.
3. Regulatory compliance – it may be impossible to achieve regulatory compliance under the framework that governs your industry if all of your data resides in the cloud.
4. Data Jurisdiction – many cloud providers do not guarantee that your data stays in your country. As such, your most sensitive data will be subject to compromise and access under the laws of foreign governments, many of which are not friendly.
5. Audit requirements – in the event of an audit by your clients or vendors, you are compelled to provide a complete log of all transactions on the related data. This is next to impossible in the cloud. To complement the cloud, Cicer One has created ‘Sealed System’ technology that provides the benefits and ease of cloud-like data exchange while ensuring the data is exclusively your property and in your control. It is simple enough that non-technical business leaders can control and monitor data access and exchange while improving full disaster recovery and business continuity practices.
Glance at our cyber security newsfeed and you’ll notice similar stories over and over again…
- Companies and governments are being ransomed every 21 seconds
- Anyone with malicious intent can easily license ransomware services
- Ransomware demands are skyrocketing to over $111K
- Most companies that are attacked go out of business within 6 months
The attacks are real! The threat to your business is real! Ask yourself:
- What would I do if my data was sold to the highest bidder on the dark web?
- What would I do if my data or intellectual property was held for ransom?
- What would happen if a malicious link within an email were to be clicked?
- Can I ensure business continuity with minimal interruption after an attack?
- Do I have the financial resources to pay a ransom and get my data back?
- Will my clients stay with my business if I’m attacked?
If you answered “No” to any of these questions, or if you simply don’t know the answers, let’s set up a time to talk.
2020 has seen the rapid dispersing of employees from centralized offices to work from their homes. Companies have been utilizing tools including FTP & SFTP for many years to give access to files and data to employees customers and vendors to exchange data outside of the physical office. However, with the rapid increase in WFH on to the dangers of the cloud for their direct staff – Why neither of them are a good idea for WFH.
FTP is a traditional File Transfer Protocol used by many companies to enable the transfer of data. However, it is not very secure as the transfers are not encrypted and allows man-in-the middle attacks. Many industries have created regulatory bodies such as HIPPA, NIST, and CMMC and require data transfers to be encrypted as a minimum standard.
SFTP adds a layer of security to the FTP protocol based on network Secure shell (SSH) and is a replacement for FTP, but also has drawbacks.
- SFPT needs to be setup at both the server and endpoint and maintained by an IT professional. Many small & medium enterprises do not have this skill set on staff.
- It is not always possible to setup a VPN to give access to share data with external vendors and clients.
- Costs of implementing and maintaining
Like most, as a senior leader in your company, you may not be familiar with the terminology above and you are concerned that your remote staff can properly access the critical data that you cannot risk with cloud providers. SCUTE solves all these challenges:
- Extend rights to pools of data to internal and external users (customers & Suppliers)
- Visually manage the users and log their access.
- Data is encrypted in transit and at rest meeting & exceeding industry
- On-premise hardware so you physically own
- Assurance of business continuity if your IT vendor or data storage partner discontinues their service