22 Jul Encryption Keep Data Secure?
The short answer is yes, data encryption works but only when done correctly. So how come all these big data aggregate and cloud storage systems are continually leaking user information?
Let’s take, for instance, Dropbox: one of the largest cloud-based data aggregates in the world. In 2012 dropbox began receiving emails from users who complained that they were getting emails sent to an address which they only used with dropbox. Upon further investigation, the Dropbox team found that a few usernames and passwords were stolen and used to sign into a small number of Dropbox accounts. From among that unauthorized access, “a stolen password was also used to access an employee Dropbox account containing a project document with user email address.”
2016, 68 million uses had their emails and passwords leaked onto the internet resulting in a slew of individual data breaches and identity thefts. This leak was a direct result of the Dropbox compromise in 2012, but the company failed to mention that passwords were revealed.
Similarly, a 2020 study conducted by the University of New York uncovered flaws in 1Password and LastPass applications that made them susceptible to phishing attacks. Dr. Siamak Shahandashti says that “our study shows that a phishing attack from a malicious app is highly feasible – if a victim is tricked into installing a malicious app it will be able to present itself as a legitimate option on the autofill prompt and have a high chance of success. In light of the vulnerabilities in some commercial password managers our study has exposed, we suggest they need to apply stricter matching criteria that is not merely based on an app’s purported package name.”
There has been a significant amount of smoke, mirrors, and noise in the security marketplace. Marketing and promotional jargon proliferate with claims of superior performance towards everyone’s ultimate goal: the privacy and security of data assets .
In reality, there are very few companies that have seen the future of data encryption software and have developed for it. There are a multitude of predictive, analytical, reactive, defensive, and deflective tools that claim they deliver data security. But what they were built to do specifically, is to attempt to protect those perimeters that hover around the data: networks, endpoints, platforms, applications, infrastructures. To date, without much success.
Trying to protect the billions of doors and pathways to valuable data assets defensively has been proven without a doubt to be IMPOSSIBLE, according to Gartner, SCMedia, Ponemon Institute, Forrester, and a plethora of other cybersecurity experts.
Office 365, desktop apps, and other cloud storage solutions have failed time and time again. STASH was developed specifically for this Presumed Failure. We realized that taking a different approach, developing a way to protect the core, most common denominator – the data itself – is the solution our customers and 1,000s of companies around the world have been seeking.
By proactively protecting data through a proprietary method of
encryption, parsing, multiplication, scattered in multiples on any kind of cloud configuration or on-site servers anywhere in the world a client chooses. STASH mitigates the possibility of data compromise to the lowest possibility ever and ensures data integrity, resilience, privacy & security for decades, no matter how technology changes. You have complete control over who is able to access your storage space; not even the STASH team has access to your backend.
Cloud storage options are good for keeping working documents or large volumes of relatively unimportant content. But for sensitive data and personal data, you need something more secure than big box cloud storage services. STASH’s datacentric approach to security makes it the best option for protecting what you can’t afford to lose.