“Once the data is out there, it’s out of their control,” said Elliot Lewis (@elliotdlewis), VP of security, risk, and compliance research at Info-Tech Research Group, in our conversation at the Black Hat USA 2016 conference in Las Vegas. “This has been a persistent problem for several years now about how do we trust going to the cloud.”
Even though all businesses know that the efficiencies of the cloud are critical for business, those persistent concerns of where one’s data going when it’s in the cloud and how one should protect it, still linger.
To get a better handle on floating data, a new category of technologies and companies are cropping up that hope to offer persistent control of data, said Lewis. But this new product category introduces lots of questions and demands.
For example, if a piece of data goes into the wild, can we still control it? Can we still see who accessed it? Can we see where it’s been to and where it’s going to? Can we actually manipulate it? And should we see it fall into the wrong hands, can we get it to destroy itself at that moment?
That’s a lot of demands, and there’s no question that the market for such a technology would be enormous.
At this point, said Lewis, there’s been a nascent movement in several different formats. Info-Tech is watching to see which companies will take hold, build a standard, and get users to adopt.
Lewis describes the pros and cons of the different models he’s seeing right now. One requires a call to the owner, once accessed, and the other has encrypted controls alongside the data itself.