Written by Ahmet Tuncay, chief executive officer of Sepior
Enterprise Shift to Cloud Drives Shift Toward Virtualized Hardware Security
Models (HSMs)
Cloud economics and the expanding availability of cloud-based
productivity, infrastructure, and platform services is accelerating the
transition of enterprise applications to the cloud.
The increasing adoption of public/private hybrid multi-cloud
environments present new challenges for traditional enterprise security
solutions, including encryption key management schemes that depend on on-prem
or hosted hardware security modules (HSMs). While appliance based HSMs are very
effective for protecting cryptographic materials within a single trust boundary,
they can become expensive, require complicated management, and lack agility
against new types of malicious attacks in fast changing multi-cloud environments.
As a result, there will be accelerated adoption of pure-cloud virtualized HSMs
and key management as a service (KMaaS) solutions designed specifically to
support business applications running on hybrid multi-cloud environments.
Cloud-based virtualized HSMs and KMaaS offerings are proving
to be highly attractive to increasingly strained IT budgets, and the ability of
these systems to secure content in private data centers, public and private
clouds, and across multiple cloud providers serves as the catalyst for their
adoption.
Blockchain's Transition
from PoCs to Production Increases Emphasis on Privacy and Interoperability
Permissioned
blockchain projects picked up a lot of steam in the past twelve
months, with many large-scale enterprise consortiums announcing one or multiple
projects. Many are transitioning from proof of concept (PoC) to real world
pilots and initial production. While the indelible distributed trust benefits
of blockchain are compelling for an array of enterprise applications, the
practical realities of scalable performance, privacy control, interoperability
between systems, and maintaining compatibility with rapidly evolving platform
technologies raised big yellow warning flags for many projects.
The industry is now better able to understand and
incorporate more flexible off-chain technologies available to remedy the
limitations of enterprise blockchain applications, including flexible key management
and zero knowledge (ZK) proofs. Off-chain solutions tend to be interoperable
across a wider range of existing systems and provide the agility to adopt to
new business requirements while maintaining compatibility with emerging
platform technologies.
A Shift to More
Effective Cryptocurrency Wallet and Exchange Security
The past six months have been a tough road for
cryptocurrencies, both in terms of plummeting valuations and losses due to coin
thefts. Nearly 96% of all thefts in 2018 were from attacks on exchanges as
opposed to individual wallets. Approximately half of all cryptocurrency exchange
thefts to date occurred in 2018. The market shift to larger scale institutional
investors will mandate better security and compelling security assurances to
enable these new customers to participate in any emerging cryptocurrency
economy.
Expect to see exchanges migrate wallet services
from single signature transaction approvals to multiple party approvals and the
adoption of
threshold
signatures to mitigate custodial wallet security concerns while reducing
transaction fees and lowering operational costs associated with trades.
##
About the Author
Ahmet Tuncay, chief executive officer of Sepior
Ahmet is the Chairman and CEO of Sepior, a company dedicated to protecting the confidentiality of business information and integrity of transactions through advanced cryptography. Before Sepior, Ahmet was CEO of Soonr, a secure content management SaaS provider to over 150,000 businesses that was acquired by Autotask. Before Soonr, Ahmet held executive roles at SpiderCloud and Trapeze Networks, an enterprise wireless company acquired by Juniper. Ahmet was the founding CEO of SolarFlare, a fabless semiconductor company, and held management and engineering roles at PairGain Technologies, SynOptics Communications, and Electronic Data Systems.