After nearly three years in development, the May debut of Tasmanian startup company's StratoKey security tool has been rewarded with a finalist berth in upcoming awards from security giant RSA and the opportunity for the founders to present to a massive audience of regional security-industry figures.
Just four finalists in the RSA Conference 'Most Innovative Company' awards will be given the honour, representing innovative security technologies from around the region at the upcoming RSA Conference Asia Pacific & Japan 2014.
StratoKey sits as a gateway server between company networks and cloud information-storage servers, selectively encrypting data before it's stored in the cloud service. Encryption keys can be revoked with a moment's notice from a control console, helping companies quickly respond to protect their data if a suspected compromise is detected.
“Every organisation that we speak to has concerns about security in the cloud and security with any sort of hosted data,” CEO Anthony Scotney told CSO Australia. “Organisations might be using cloud services, but they don't have any way to pull the plug on a moment's notice if there is some critical security event.”
StratoKey can mix and match encryption types based on the kind of data being managed – allowing, for example, specifically structured data fields to be encrypted in a relatively simple way while body data is given the full 256-bit treatment through a variety of encryption algorithms.
Behind the scenes, “a bunch of hard-core analytics” is run on in-memory data to pick out security trends and anomalies from processed data. The platform is designed to monitor normal user behaviour and pick out anomalies, taking advantage of its position as a gateway to combine the encryption/decryption of cloud data with another level of security alerting.
“We're pairing data-level encryption with big-data analytics,” Scotney said. “It collects a tonne of data, and it's this pairing of the two that makes it so powerful. When you pair them with countermeasures, you have quite a compelling solution that really can stop data breaches and doesn't require masses of manual intervention.”
The opportunity to present at the RSA event is a great coup for the company because “as a small company it can be hard to get the word out there”, Scotney said, adding that the company is looking to add implementation partners as well as selling the technology to end users. The education and utilities sectors have been big early adopters of the solution.
“Data breaches are happening frequently and most of them are entirely preventable using technology like this,” he said. “It's frustrating seeing them happen when they are entirely preventable with the right technologies.”