Last year, 39% of enterprises experienced a breach in their cloud systems, and it goes without saying that downtime and data loss can be devastating. In the cyber security industry, cloud service providers such as AWS are often viewed as the gold standard, but most of their clients would agree that it’s unwise to place all your reliance on those providers to stay available and keep your data safe. Carefully worded exceptions in the contracts can lead to blame getting placed squarely upon the client’s shoulders, with comparatively meagre compensation being provided for outages, and none for loss of data.
Best practice today is to back up off-cloud
Of course, local back-ups can be used to mitigate these risks, but at the cost of doubling your attack surface. They can also be expensive, time consuming, and lose all data since the most recent back-up. Ultimately, this technique only serves as a partial solution.
There are horror stories of companies who lose millions of dollars due to the mishandling of their cloud providers. One recent example is that of Google accidentally deleting a $125 billion pension fund belonging to Australian firm UniSuper. Fortunately, the company held backups of the data elsewhere, but the disruption still led to 600,000 customers being unable to access their accounts for over a week. This was a company following all the correct procedures, but they were still forced to grind to a halt because of a mistake outside of their control.
Not all companies are fortunate enough to have backups, and for some the stakes are even higher. When it comes to critical infrastructure such as electricity and telecoms, extended downtimes are simply not an option.
A better way
One provider offers a unique and innovative method of preventing downtime and data loss, all the while maintaining the fast and reliable storage access expected by the industry today. Umbra Shadowstream™ splits data up into seven or more ‘shadows’ each stored in separate locations using separate providers. These shadows are provably undecryptable, and the mathematics even leave them immune to potential advances in quantum computing. Any of the four shadows are needed to recreate the original data, giving Shadowstream 3-fault tolerance without interference to service. The added security also means that hackers would need to compromise four separate buckets before they could even attempt a decryption.
The continuous backup system makes restoring previous versions seamless. If UniSuper had been using Shadowstream, they would have been able to remain operational while Google restored their servers. To their customers it would have appeared to be business as usual.
Shadowstream itself does not store client data, it remains in third party buckets controlled by the customer at all times. It is not a replacement to the major cloud providers, instead, it works alongside them to enhance security, mitigate downtime, and generally improve reliability. It is compatible with industry standard API, and can be implemented quickly without major disruption. Migration is as simple as switching out credentials.
If you want to learn more about the specifics behind how Umbra Shadowstream works, watch this video.
How can I get involved?
Do you want to get an early insight into how Umbra can help you or your customers? You can be part of Umbra’s current field trials at no cost. All feedback is appreciated. If you wish to participate, or find out whether Umbra Shadowstream is appropriate for your business, check out the trial form.
Have any questions about Umbra? Call +44 114 360 2600 or email info@umbrasystems.uk
