Data Protection - APF Technologies %

The First Ever Quantum Computing Safe Data Protection On a Massive Scale

The efficacy of data encryption solutions is very uneven based on the choice of algorithms and key management design. Some uses public key algorithms that are valuable to emerging quantum computers, and others are limited to the data on designated storage device (cloud based) or a small network segment (HSM).

The UDS-DS’ first ever quantum-computing safe encryption scheme and patented cloud based key management shuttled the glass ceiling and provides seamless protection to every data everywhere all at once

Fragmented Solutions Leaves Vast Amount of Data Unprotected

According to IBM (“Cost of Data Breach Report 2021”), “organizations using high standard encryption (using at least 256 AES encryption, at rest and in motion), had an average total cost of a breach of $3.62 million,” The reason? Fragmented encryption doesn’t add up as a whole because it leaves attack surfaces behind when data is accessed. Piecing together different solutions, the data protection in enterprises’ environment is like a jigsaw puzzle that is missing many pieces.

Most data protections, including cloud based (S3, Box) and Hardware Security Modules (HSM) are better suited for achieved data because they have very limited scope where data can be protected.

Although data stored on the cloud is encrypted, when data is accessed by a user from an end device, a local unencrypted copy is created and stays on the device without protection. As a matter of fact, nearly all the data on end devices are not encrypted at rest when a device is running, and neither are emails and attachments.

HSM secures data stored on some servers in the network segment it can reach. When the HSM protected data is used on different servers outside its network segment for another application, e.g., machine learning, the data need to be decrypted and moved without encryption.

The fragmented protection is the reason why data breach persists.

Some solutions have tried to expand the scope of data protection. Microsoft’s Right Management is one example but it is also limited to files created by its Office Suite, another form of segmentation. Besides, it protects data keys with a public key encryption which is vulnerable to the attack by emerging quantum computers.

Fragmented protections on some devices but not others create vulnerable attack surfaces. For enterprises, those attack surfaces are large enough to cause data breaches and inflict server damage.

Seamless End-to-End Protection by UDS-DS Eliminates Protection Gaps

UDS presents an entirely different solution that leaves zero attack surface.

With UDS, data is encrypted as soon as it is discovered and transformed into APFX format, and remain encrypted end-to-end through its entire life cycle.

When APFX data is moved to other devices, it remains seamless encrypted during the transit and at rest on the new device.

When a user or application accesses APFX data, the UDS client app obtains permission from the UDS cloud after policy verification and decrypts the data to the intended application only. It clears the cache as soon as it is no longer needed and doesn’t leave data unencrypted.

UDS-DS uses Quantum-Computing Proof Scheme and FIPS-2 Certified Modules

Not only are the increasing attach surfaces a cause of concern, but the encryption technology itself is also facing challenges as the chip capabilities, especially quantum-computing, advance rapidly. If the data encryption keys or access control data are protected by RSA (public key encryption), they are vulnerable to attacks by quantum computers in a decade or less. In fact, experts warn that attackers today are hoarding encrypted data to be harvested in the future.

To easy the concerns of migrating a very large amount of data to a quantum computing safe solution in only a few years, UDS-DS pioneered a quantum-computing proof encryption scheme today to ensure the data safety in the upcoming quantum computer era with the need and risk of data migration.

UDS protected data doesn’t have keys or access control data attached, and UDS doesn’t use any public key encryption in any part of the data encryption. Furthermore, UDS gives each data a unique, maximum length, random symmetric key. So to break the UDS data, the attacks must attack each and every data repeatedly which makes breach of UDS data impossible, even with might future quantum computers.

Access Right Management

Encryption is only useful when coupled with the smartest access management for billions of files accessed by hundreds of thousand of users

Compliance

GDPR, HIPPA and GDPR, CCPA, NY DFS Cyber Security Regulations, all in one solution

Contact Us

Interested in learning more about how APF can help your organization’s data protection and cyber privacy needs?