HP’s Atalla division has announced a secure encryption scheme to protect data in the cloud, using keys which are split between customers and Atalla itself.
The company is also offering encryption bundled with ProLiant servers, supported by an Enterprise Key Management appliance, also launched at HP Discover in Las Vegas. In both cases, key management is provided by the Atalla technology, which is already widely used to secure credit card transactions. It also has the useful spin-off of saving old disk drives from destruction and landfill.
“Why are we spending more and more on security, but the risks are increasing?” asked Art Gilliland, vice president of security at HP. “Two facts are smashing together: there are super sophisticated bad guys, and the attack surface is expanding.” Much-loved features such as mobility make it easier for attackers to intercept traffic and gain control of systems.
Regulations and best practices only serve to get average users up to the “lower bar”, but they are up against professionals, he warned, who “only need to win once.”
The Atalla web encryption system uses split key homomorphic encryption, so part of the key is looked after by Atalla, and the rest is stored by the user. This doesn’t give HP any access to the user’s data, but it does ensure no one else gets the whole key, he said. It also won’t protect against requests for data from agencies like the NSA since the system is entirely administered by the user, who must respond to any such requests for themselves, Gilliland told TechWeekEurope.
Using this system means that any hard drive or storage system can be routinely encrypted with any strong algorithm, and the keys kept safe. When the user wants the data gone, this can be done permanently by destroying the keys in a “one button” erase function.
This is an important thing, said Gilliland, since otherwise, those hard drives would probably be destroyed in fear that there might be private data there. “Enterprises crush disks all the time out of fear,” he said. “That creates waste.”
Key management also avoids the approach sometimes taken, of using self-encrypting drives (SEDs), as these are more complex to support.
“It’s a dirty secret that key management solutions lock you in,” warned Gilliland. That’s not the way HP does things, he said.
The Atalla encryption division dates back to Tandem, a high-reliability computer firm bought by Compaq, which eventually ended up at HP following acquisition by Digital Equipment. It still has the same CTO, Steve Wierenga.
Illustrating the increasing dangers of social engineering and other attacks, Gilliland recounted how he spoke at a conference recently, then received a thank-you email from the organiser including an invitation to speak at the next event, and an attached photo of himself at the podium.
Only the photo was a PDF, which was unusual enough for Gilliland to pass the email to his colleagues for analysis. It turned out it wasn’t from the conference chair, but the PDF contained a genuine photo of him – packed alongside a unique virus crafted especially for him.