We specialise in developing multi-cloud blockchain solutions
One of the hidden benefits of end-to-end encryption is that cloud service providers and third-party support professionals do not have any access to your business records, so their responsibility is limited to ensuring that the business records remain available to authorised business users and cannot be deleted or corrupted, and ensuring faults are reported immediately to authorised users.
However, we can increase these advantages substantially by distributing business records across multiple clouds from different cloud service providers, and using blockchains to prove that the business records have not been modified. Each cloud stores part of each encrypted business record, retaining the data in read-only archive storage for the required retention period, and responds to validated access requests from users, which are permanently recorded in the blockchain.
This means that it is physically impossible for cloud service providers to decrypt the business records, even with authorised user credentials, because they never have enough encrypted data. However, each cloud service provider still contributes to the consensus process, which proves that the majority of the cloud service providers have verified that each access request is valid. This is really important, because it allows business owners and principal officers to specify additional validation to protect the business records, even when user encryption credentials are compromised.
This has the benefit of making cyber-attacks on the business records extremely difficult, because it is necessary to compromise the majority of cloud service providers in order to compromise the data. It also means that any attempted attack on the business records will be permanently documented in the blockchain, making the audit records available for future analysis, allowing illegal or undesirable actions to be addressed by auditors, optionally in real-time.
For maximum security, we recommend that business owners and principal officers nominate a minimum of three administrators or escrow providers to contract with cloud service providers, in order to minimise the potential risks caused by compromised credentials and targeted attacks on administrators.
Item added to cart