12 Aug CIOs: Bring Your Own Key To Secure The Cloud

BYOK provides trust and control over apps and data

– Michael Redding, CTO at Quantropi

Ottawa, Canada – Aug. 16, 2021

Cloud computing began its meteoric ascent to dominance almost two decades ago. But one fundamental — and persistent — shortcoming of this approach has continued to confound businesses and keep many CIOs awake at night:

TRUST and CONTROL.

How We Got Here

Those early CIOs who sought to capitalize on the many benefits of cloud had to make one significant concession: in exchange for unlimited compute, storage, or SaaS resources on-demand, they had to place a hefty dose of trust in their cloud provider.

This meant relinquishing their long-held vice-like grip on control.

Back in the days when CIOs built their on-premise data centers from the ground up, they had complete command, visibility, and influence over its design and architecture, as well as all matters related to service resiliency, redundancy, security, and performance.

This approach involved making a trade-off between high costs and complexity on the one hand and absolute control — and therefore comfort — in their accountability to the CEO and Board on the other.

But, over time, the increased need for speed and the ability to dynamically flex and rapidly ramp up capacity in response to shifting market requirements made this approach difficult to justify. Simply throwing money at the problem also no longer helped: If a CIO spent $1 million on cybersecurity, a cloud giant like AWS spent $1 billion plus.

Safety in Numbers

Increasingly, more CIOs yielded to the lure of the cloud, joining their peers in the hope of developing some form of “herd immunity” to any inherent data and information security vulnerabilities.

Over time, they’ve gradually built up a level of trust in the leading cloud players to the point that in 2020, cloud became the source of more than 50 percent of organizations’ total IT spend.

But is there such a thing as absolute trust and control?

It’s a good question… but it’s also where things get a little complicated. Consider recent news reports about how the US Department of Justice subpoenaed Apple for certain emails of politicians and journalists.

This move was met with alarm and disbelief. After all, those customers trusted Apple to guarantee the confidentiality of the contents of their emails.

This has all placed Apple in an uncomfortable position between law enforcement, the courts, and the customers whose privacy they promised to protect.

BYOK: Control Comes Full Circle

All this brings us to the concept of “bring-your-own-key” or BYOK and its role in forging a practical and permanent solution to the lingering trust and control conundrum.

BYOK is a mechanism that places the power to control and access confidential data or “secrets” back in the customer’s hands.

Provided the key and encryption methods are strong enough, nobody except the owner/keyholder can ever access the data being stored and protected.

This paves the way for CIOs to regain some of the control they previously conceded to their cloud providers. That’s because now the cloud system allows the customer to supply and manage the keys rather than the provider.

Many top cloud and SaaS platforms now offer BYOK, and this recent announcement by Google confirms that yet another major player is stepping forward.

There are two notable changes to Google’s information security and access policies:

• By letting customers shield their data by storing their own encryption keys, Google — or any requesting government agency — will no longer be able to access a company’s data.
• Later in the year, Google will publish details of an API that will let enterprise customers build their own in-house key service, allowing workplaces to retain direct control of their encryption keys. That means if the government wants a company’s data, they’ll have to ask them for it directly, rather than serving the key holder with a legal demand.

Putting BYOK to Work

At Quantropi, we’re all for empowering companies to protect their own data. And now, CIOs everywhere can embrace the BYOK concept by provisioning Entropy as a Service with Quantropi SEQUR™, ultra-random key generation and quantum-secure distribution to ensure forever unbreakable communications. Quantropi’s patented technology is readily deployed on ANY existing network, over unlimited distances, at ultra-high speeds. Making ours the only company in the world capable of quantum-secure key generation and distribution over TODAY’s Internet.

– Michael Redding is CTO at Quantropi. He oversees Product Strategy, Engineering, Research and Development and Customer Support for the company. Before Quantropi, Mike was Managing Director and co-founder of Accenture Ventures, where he grew a global portfolio of strategic partnerships and 38 equity investments in emerging technology start-ups. During his nearly 30 years with Accenture, he incubated and launched technology innovations for enterprises across multiple geographies and industries. Ever-passionate about bold ideas with game-changing results, he speaks frequently on the impact of emerging technology on large organizations.

About Quantropi