Virtualization Featured Article

It's Time to Re-invent Data Storage and Transmission

November 14, 2017
By Special Guest
Cliff Beek, President of Cloud Constellation Corporation -

Even as the internet continues to expand around the world, it is hitting up against the limits of physics and of the increasingly strict regulations imposed in response to successful cyber attacks. This vast interconnection of networks and things is being boxed in, and for financial institutions that want to safely store and transmit data, it’s time to think outside the box. Way outside.

Let’s take a look at some of the primary forces impinging on today’s data storage, as well as a bold new strategy to alleviate the burden of those forces.

Cyber Threats on the Horizon

Worldwide spending on information security products and services will grow to $93 billion in 2018, according to the latest forecast from Gartner, Inc. Yet the data breaches keep coming. The switch from perimeter to endpoint network security has not happened quickly enough, and it alone is insufficient to meet today’s advanced threats.

photo courtesy of Pixabay

All of the “things” now connected to the internet are creating significant opportunities for cybercriminals. The Federal Trade Commission’s suit against a router manufacturer illustrates the severity of the threats that can be caused by insecure internet-connected devices. Last year’s massive Mirai botnet attack, which took most of the U.S. offline for a day, is a case in point.

Experian predicted the top five cybersecurity trends for the year in its Data Breach Industry Forecast. One of them was international data breaches that cause significant problems for multinational companies, particularly in light of preparation for the General Data Protection Regulation (GDPR) to take effect. Of particular interest to the financial industry, the firm also predicted that criminals would focus on payment-based attacks despite the EMV shift.

Another of Experian’s predictions strikes an even more sobering tone: government-sponsored cyber-attacks will escalate from espionage to proactive cyber war. The OPM breach was a mere foretaste of things to come as nations ramp up their activities. Experts anticipate internet-based attacks to take down critical infrastructure at some point, as well. It is also likely that, at least partly due to this activity, government surveillance of data will increase.

Regulatory Burden

Just as surveillance is likely to increase, regulation has already increased and shows no sign of stopping. A pinnacle of data security legislation is the above-mentioned European Union (EU) GDPR. The GDPR’s official site calls it “the most important change in data privacy regulation in 20 years.” It’s also one of the most cumbersome.

The EU is embarking on a noble goal with this legislation. The GDPR is intended to unify data security, retention and governance legislation across EU member states to protect its population’s data. The regulation covers both EU citizens and citizens of any other country residing in the EU. All companies processing the personal data of people residing in the EU, regardless of the company’s location, must comply.

As one can imagine, this becomes a jurisdictional burden of epic proportions.

The focus of the GDPR is stronger oversight of where and how sensitive data—such as personal, banking, health and credit card information—is stored and transferred. Most organizations will need to appoint a Data Privacy Officer who reports to a regional authority, as well. EU residents have new rights, including data portability, the right to be forgotten (erasure) and to be notified within 72 hours of the discovery of a data breach. 

To encourage compliance, the EU has set up a robust fine schedule. Organizations can be fined up to four percent of annual global revenue or €20 million – whichever is greater. It’s important to understand that these rules apply to both controllers and processors – which means clouds will not be exempt.

One would assume that as the May 2018 enforcement date approaches, organizations are hard at work transforming their data classification, handling and storage methods to conform to the new ruling. But research findings from The Global Databerg Report (a survey of roughly 2,500 senior technology decision makers in 2016 across Europe, the Middle East, Africa, the U.S. and Asia Pacific) says that 54 percent of organizations have not advanced their GDPR compliance readiness.

No company is looking forward to giant fines or reputation damage. The fact is that the GDPR is requiring organizations to address some of their thorniest data challenges, including fragmentation of data and loss of visibility. Cloud-based services and the IoT have only added to the confusion and, along with the default behaviors of data hoarding and poor management, create a “databerg” (see the report above) that becomes as dangerous and expensive as the iceberg that sank the Titanic.

So then, financial institutions face one of two choices with respect to GDPR compliance. The majority of affected organizations will spend the next year scrambling to erect infrastructure and processes and deploy personnel to make sure they meet the stringent requirements. The other option is to remove the relevant data altogether from the GDPR’s jurisdiction,  means thinking way outside the box.

Space, the Final Storage Frontier

A space-based storage solution is on the horizon. Though it’s certainly beyond the limits of current data storage types, it lies firmly within the realm of possibility. There are already satellites ringing the earth that regularly receive and transmit information; why not develop a system for secure, internet-free data storage and transmission? A space-based cloud storage network would provide government and private organizations with an independent cloud infrastructure platform, completely isolating and protecting sensitive data from the outside world.

The internet does not have to remain the only way to transmit and share data. New technologies have been conceived to deliver this type of independent space-based network infrastructure for cloud service providers, enterprises and governments to experience secure storage and provisioning of sensitive data around the world. By placing data on satellites that are accessible from anywhere on Earth via ultra-secure dedicated terminals, many of today’s data transport challenges will be solved.

Financial firms will no longer have to concern themselves with jurisdiction-based restrictions such as the GDPR imposes, as space-based data storage does not fall within its mandates. A satellite storage solution also removes today’s most pressing security concerns, since data will never pass through the internet or along its leaky and notoriously insecure lines. In-transit espionage, theft and surveillance become impossible.

Slipping the Bonds of Earth

Government and regulatory bodies are doing their best to keep data safe, and it’s a noble effort. But the problem lies not in regulating activity on the internet but in the fact that the internet itself is essentially insecure. There is just too much access, too many end points and too many ways to steal data. Fortunately, space-based storage and transmission offers a secure alternative for sensitive financial data. To keep prying eyes and sticky fingers away from critical digital assets, it’s time to think outside the internet box.

About the author: Cliff Beek is a leading executive within the Global ICT sector. He has extensive experience with the management and financing of equity-backed ventures within areas of satellite, mobile broadband, mobile app development and cloud infrastructure entities. Beek founded Star Asia Technologies and Laser Light Communications and served as the EVP at CoCo Communications. He holds an MBA from the Wharton School, University of Pennsylvania.

Edited by Mandi Nowitz

Click here to share your opinion – Would color of equipment influence your purchasing decision, one way or another?

Featured Blog Entries

Day 4, Cisco Live! - The Wrap

Day 4 was the final day of our first ever Cisco Live! We had a great show, with many great conversations and new connections with existing and potential end users, resellers, partners and job hunters.

Day 3, Cisco Live!

Day 3 of Cisco Live is history! For Fiber Mountain, we continued to enjoy visits from decision makers and influencers who were eager to share their data center and structured cabling challenges.

Day 2, Cisco Live!

Tuesday was Day 2 of Cisco Live for Fiber Mountain and we continued to experience high levels of traffic, with many high value decision makers and influencers visiting our booth. One very interesting difference from most conferences I attend is that there are no titles on anyone's show badges. This allows open conversations without people being pretentious. I think this is a very good idea.

Day 1, Cisco Live!

Fiber Mountain is exhibiting at Cisco Live! In Las Vegas for the first time ever! Our first day was hugely successful from just about any perspective - from quantity and quality of booth visitors to successful meetings with customers.

Industry News