The Thing About SaaS: Facebook Security Challenge


It is incumbent upon all cloud vendors to demonstrate that their services are secure. Customer data needs to be protected against malicious hacker attacks or accidental breaches caused by slack internal security protocols. Cloud storage vendors are fortunate in that they can take advantage of modern data encryption. Our security challenge demonstrates that encryption is an effective means of deterring even the most sophisticated hackers.

SaaS providers have a much greater hurdle to overcome. In SaaS, customer data and the software that interprets it coexist in the cloud. Although the data can still be encrypted when it is not being used, it must be decrypted for that software to use it, which means the SaaS provider has to hold the encryption keys. This presents a clear line of attack for hackers that want access to the data. A smart hacker will attack the administrative system that guards the keys, knowing full well that a direct attack on the encryption would be futile.

With over 500 million users, Facebook is the most popular SaaS in the world. This makes it an ideal target for high-visibility security attacks. To test its systems, Facebook recently launched its own security challenge. According to the original TechCrunch piece on the story, the head of site reliability engineering at Facebook challenged employees to access the company’s administrative system through him. The initial story indicated that the employees succeeded by working through the engineer’s home WiFi network, but he dismissed the claim.

Here’s an excerpt from his response:

Despite months of work and hundreds of hours of effort by a team of specialized security engineers, the team was NOT able to access Facebook’s administrative or corporate systems. While they were able to access my personal Facebook account, they were not able to use this information to access any other account on Facebook.

People are reliably the weakest link in a security protocol. We’ve written extensively about the strength of OpenPGP and the truth is that smart hackers wouldn’t bother with a brute force attack on our encryption. It’s too difficult.

What really happened with this internal Facebook challenge is hard to say. But the security protocol at Nasuni is designed so that there is no such thing as administrative access. There is no “holy grail” like this in our design. An attacker could sit outside our engineers’ homes all day and still not gain access to customer data. He or she would certainly annoy our engineers, who can be an irascible bunch to begin with, so we would not encourage that.

We took the people out of our security protocol. Neither our engineers nor anyone else at Nasuni has access to customer data. We go beyond the usual “We won’t read it” line in most EULAs. We can’t read customer data.

To find out more about security and cloud storage, and our system in particular, download our new white paper here.
