Segregation of Data - Circumventing encryption as a security measure
Those who have been in the army and have handled weapons are typically familiar with the basic principle of segregation as a security measure when guns are stored without supervision or guard. Typically a part of the weapon is removed and kept locked away at a separate storage location. The rule of thumb is: "Keep behind double lock separated by lock". Without access to both parts the weapon is nonoperational and cannot fire. In other words, security by segregation.
Many companies also have corporate policies prescribing segregation of duties as a control mechanism, which can be boiled down to the simple rationale that it is easier for one individual to cheat the company than for two or more acting in collaboration. Though not impossible, conspiracy is far less likely than a lone perpetrator. Segregation of duties is a fundamental principle of many regulatory mandates such as Sarbanes-Oxley (SOX).
In IT departments, too, segregation of duties is a key concept of internal controls, but it can be difficult and sometimes costly to achieve. The objective is achieved by distributing tasks and associated privileges for a specific security process among multiple people.
At BooleanVault we take security through segregation a bit further while maintaining simplicity and cost efficiency. Utilizing our proprietary algorithms with Asymmetric Asynchronous Bit Segregation (A2BS), we segregate each bit of every byte across multiple routing or hosting solutions, each managed by a separate organization that in turn runs its own security measures.
At the UX and application level we further segregate the ID of each fragment of data from its location and relative position. We do that to allow organizational users to handle files (which in our case are now pseudo files) in familiar ways without requiring behavioral change, a little like using shortcuts on your Windows desktop. They can be deleted, copied or moved, but only accessed with an organizationally managed client-side app on the device.
At BooleanVault we believe you should trust strong encryption, but not necessarily the solution or service that provides it, or the legal framework in the jurisdiction where the data is stored or passing through. Also, you should always remember to ask: what good does encryption do if you do not hold the key yourself? A2BS and core BooleanVault functionality work in combination with existing encryption algorithms both before and after segregation.
If you are interested in more information about how BooleanVault can help your organization improve data security and privacy, as a standalone solution or in combination with existing encryption solutions, please contact us through our homepage www.booleanvault.com.
9 years ago: Interesting article, Mikael.