The Future of Data Security
In the WWDC 2015 keynote speech, we heard from several Apple executives that they “do not want our personal data.”
While Siri is getting smarter and is able to make sense out of our location, our schedule, our contacts, and our emails, Apple emphasises that none of this information will be sent back to Apple or another other third-parties.
This is in sharp contrast against Google, Facebook and Amazon. These companies provide intelligence based on our data. The more they know about us, the better their services will be. Ultimately, their business model is that if we share our data with them, they can serve targeted ads to us. So, the free services we get from Google and Facebook are, in part, paid for by our privacy.
Apple earns the majority of their money by selling hardware so they are betting big on the world caring more about their privacy. The slide they put up on stage defines the Trust No One design philosophy.
Trust No One (TNO) is a security design principle that one does not need to trust any third party vendor. In simple terms, the vendor (Apple) cannot see any user data without the user’s approval.
Apple already employees TNO as a design principle in their technology. iOS disk-level encryption, Touch ID, and iMessages are all designed with TNO in mind. Apple does not have the key to decrypt your iPhone, nor can they see your iMessages.
This is a major competitive advantage for Apple as the industry continue to shift from a trusting to a non-trusting model. We believe that the TNO model is the future and a must-have for any business. Below are three reasons why we think it is the case.
1. Firewalls are great, but people are the weakest link
When we hear about data breaches, it is often not due to security flaw. Most breaches are done through social engineering and the fact that all of the information easily accessible once someone gets past the firewall. People within and outside of the organization need to maintain proper protocol in order to keep the information secure.
2. Customers trust the vendor, but can we trust everyone who works there?
Customers need to ensure that their information is safe with the vendor. Vendors need to trust that the policies will deter the employees from taking the information elsewhere. Although assumptions can be made that employees will be honest and information behind the firewall will be secure, the only way to be certain that data is safe is by distributing the information and having various security checkpoints.
3. TNO distributes the risk of data breach
The Trust No One model makes it incredibly difficult to hack the system simply because the fully encrypted data can be spread out over multiple users - all of whom have a key that is unique to them.
[teaser]Click on the link below to learn more about Zerion Software’s new product, Gnosiz, which is built on a Trust No One design principle.[/teaser]