SecurityBriefAU interviews Robert Morrish about decentralised security

Robin Block of SecurityBrief Australia sat down with Haventec’s Robert Morrish to talk about decentralised security, the implications of Quantum IT, and the market for Haventec’s technologies.

Read the full interview on Security Brief Australia.

(In the excerpt below, Robert Morrish explains why encryption isn’t enough.)

Robert Morrish, CEO of Haventec: “The problem with traditional data security is that key stores are often on the very networks they are protecting, and the perimeters of networks have all but disappeared with BYOD, cloud applications and SaaS solutions. So when hackers target an organisation they have plenty of ways of getting in — and they are highly focused, funded and motivated to do that, because as soon as they get to the key store they can unlock and steal even more valuable data quickly and easily.”

“The necessary question is: how do we store data in a way that is actually safe? Encryption is the common answer, but it is insufficient. Computing capabilities are advancing to the point that most current encryption will be rendered useless within a few years. Right now people are stealing encrypted data knowing they won’t have to wait long for a way to break into it.”

“Haventec aims to futureproof organisations against the threats of hackers using quantum computing. We had independent testing done by David Hook, who wrote cryptography for Android, and his first report said our identity management product Authenticate was built on quantum resistant attack architecture — which we knew, but it was great to hear in an independent review.”

“We don’t use central key stores. Our products encrypt data, deconstruct the data, and then distribute it into multiple locations — meaning a hacker has to approach multiple locations simultaneously within a very limited timeframe to launch an attack before we change everything around.”

“Our Sanctum product decentralises sensitive information such as PCI, so whenever you unlock a crypto vault on Sanctum, we actually destroy the old vault, create a new one and then deconstruct it.”

“For our Authenticate product, we decentralise user identity into three parts. The hacker has to come after our server, your device and the secret that is in your head. That last piece of information is never stored or transmitted in its raw form, and changes every time you interact with us. We have basically made it really expensive and really hard — if not impossible — to go after one account, let alone millions, and we have made it completely impossible to have a central network breach. Losing a million accounts in one go won’t happen with our system.”

Read the full interview on Security Brief Australia.

Topics discussed in the full interview include:

  • The main verticals Haventec is looking at as expansion opportunities
  • Haventec’s cloud and on-premise delivery models
  • Future growth opportunities