RSAC Fireside Chat: A breakthrough in securing cloud collaboration — decentralized key storage

By Byron V. Acohido

Back in 2002, when I was a reporter at USA Today, I had to reach for a keychain fob to retrieve a single-use passcode to connect remotely to the paper’s publishing system.

Related: A call to regulate facial recognition

This was an early example of multifactor authentication (MFA). Fast forward to today; much of the MFA concept is being reimagined by startup Circle Security to protect data circulating in cloud collaboration scenarios.

I learned about this at RSA Conference 2023 from company Co-founder and CEO Phani Nagarjuna, who explained how Circle extends the use of encryption keys fused to biometrics and decentralizes where copies of the keys are stored. For a full drill down, give the accompanying podcast a listen.

Guest expert: Phani Nagarjuna, CEO, Circle Security

According to Nagarjuna, Circle’s technology places a small agent on the endpoint device. This facilitates the creation of an asymmetric key pair and a symmetric AES256 key. Together these keys authenticate the user’s identity and enable secure and private access to cloud-stored data and resources.

Access to cloud-stored files can then be shared widely. But only authorized individuals, with proof of identity originating from their authenticated device, can open the files. All access attempts get audited using a built-in distributed ledger, allowing policy enforcement and quick remediation.

This iteration of my old-school keychain fob thus eliminates the need for usernames and passwords while much more robustly protecting sensitive data, Nagarjuna asserts. How much traction will it get? I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)

June 7th, 2023