Founder Message from Paul Lewis
It is now possible to build a private cloud infrastructure across a combination of public clouds. This geo-dispersed “Private Data Harbor” brings a plethora of security benefits to the Enterprise, allowing a private-cloud like security experience in a public cloud environment.
The Barclays 2024 CIO Survey reveals that 83% of Enterprise CIO’s plan to repatriate at least some workloads, up from 43% in 2020. The decision to exit the cloud and move data back on premises is based, in part, on the Public Cloud providers (AWS, Azure, GCP, etc.) exercising a shared security model, meaning the Enterprise is at least partly responsible for ensuring their data remains secure. Under a shared security model, the cloud provider is not likely liable if customer data is stolen from its infrastructure.
Repatriating workloads, or simply moving data back within the “four walls” of the Enterprise eliminates the risk that a security breach at the public cloud provider may expose its sensitive information to the world. Such a disaster causes all sorts of problems including mandatory disclosure of breached data, compliance violations, and the general embarrassment (and elimination of IT jobs) associated with a data breach.
But is taking a step backward by repatriating workloads the answer? Not necessarily.
Cyberstorage is an emerging trend for protecting sensitive data. Gartner defines cyberstorage as a combination of cybersecurity and data storage that uses active defense measures to secure unstructured data. Emerging technologies, such as a Private Data Harbor, are quickly changing the landscape of how data is protected from ransomware, exfiltration, and accidental misconfiguration.
By fragmenting encrypted data and scattering it across multiple cloud providers, it becomes nearly impossible for anyone other than the rightful owner to reconstruct any meaningful data. And by optionally mirroring the fragments, additional security benefits such as self-healing and 100% uptime are possible.
Instead of taking a big step backwards and repatriating workloads on premises, let’s take a giant leap forward and embrace innovative technologies such as a Private Data Harbor.
About Paul Lewis
Paul is a serial entrepreneur and cybersecurity expert, having founded and led global organizations in security, data forensics, and compliance. A contributor to the NIST Cybersecurity Practice Guide, he has advised the SEC, FBI, Department of Homeland Security, and DOJ on emerging cyber trends. Lewis holds multiple patents in data privacy and serves as a court-appointed expert in data security and incident response.