Despite just being at the company for a short time, Faiyaz Shahpurwala, chief product officer at Fortanix, has been focused on delivering product and strategy. However, as a security expert, he took some time out to talk to us about his experience in the industry along with the announcement of a new form of security that could change so much in encryption.
What shifts are you seeing in data protection and how what will this mean as a whole?
One of the key things is that people are moving their applications and data to the cloud. Let’s assume that when you move that data, you want to encrypt the data, you want to make sure that all the data is encrypted and the keys are required to lock and unlock the data encryption. You have to export into the cloud connection. And you also need to think about encoding, so you have to keep exporting the keys. Firms like Google don’t want to give up the control of exporting the keys to the competition, they want to keep it under their control, behind their firewall.
So, [as part of a recent declaration] what Google announced recently is that they have built this API and product called EKMS (Electronic Key Management System) that allows things that are running on the live Compute Engine, which is a kind of an extended right to be able to connect with a key management system on-prem and effectively leverages keys without having the customer remove the key into Google Cloud.
Do you think this is something that can solve a lot of problems?
It is definitely a combination of things. This has been one of the key barriers for customers moving workloads to cloud. They can still go to the cloud but have control over those workloads. But, if there is a compromise or problem, a person can just shut off their key. So, a large financial customer, a healthcare customer, or any customers that have sensitive data can be compliant with security requirements.
So, if there happens to be a cyber-attack, the user can just shut off access to the data?
Yes, the user has access to the key so can switch it off from anywhere. It won’t affect the workload and so can continue working.
We provide that whole infrastructure on-prem that does the key management. Imagine if you’re running in multiple brands. Today, you have to go into every cloud and every code is slightly different so, that becomes a big issue. Another issue is typically when incidents like a hack happens, then the next thing is that it’s you have to see, so you have to get all the audit of what happened. But with the new announcement, this is much more under control.
What why do you think the future of cloud security could be?
DevSecOps is becoming very popular. And I think in the future will be easier for developers as DevSecOps makes more sense. We’re focused on the longer-term functions. Like. how do you make things easier for people?
What other trends are you seeing at the moment?
Security is a very big issue with the cloud and so you know under some very hard problems to solve. In terms of barriers that customers have to go into, the cloud is solving the security compliance issue, so that will be big.