A space-based cloud storage network could protect sensitive data from the outside world and looming data security regulations.
Cliff Beek is the president of Cloud Constellation Corp.
From the ancient Greeks to the employees at NASA, humans have always been fascinated with the stars. We have projected our mythology onto them and imagined wars and treks through them. We wonder at the possibilities that lie beyond the bonds of Earth.
What does this have to do with data storage? It will soon be revealed. But before we can delve into where data storage is going, we first need to take a look at the current data landscape to understand some of the primary forces influencing today’s data storage strategy.
Bigger Budgets, Less Data Safety
Market Research Media forecasts the U.S. federal cybersecurity market will grow from $18 billion in 2017 to $22 billion by 2022, at a steady compound annual growth rate of 4.4 percent. Yet, the data breaches keep coming. The switch from perimeter to endpoint network security has not happened quickly enough, and it alone is insufficient to meet today’s advanced threats.
The threat landscape continues to expand, thanks in large part to the internet of things. The Federal Trade Commission’s recent suit against a router manufacturer speaks to the severity of the threats that can be caused by unsecure internet-connected devices. Last year’s massive Mirai botnet attack, which took offline most of the U.S. for a day, is a case in point.
Experian predicted several prominent trends in 2017 in its most recent Data Breach Industry Forecast. One of them will be international data breaches that will cause significant problems for multinational companies, particularly in light of preparation for the European Union's General Data Protection Regulation to take effect. The firm also predicts nation-state cyberattacks would move from espionage to war, undoubtedly placing critical infrastructure in the crosshairs and potentially leading to widespread outages.
If that is the case, then the Office of Personnel Management breach was a mere foretaste of things to come as nations ramp up their activities. Experts anticipate internet-based attacks to take down critical infrastructure this year, as well. It is also likely, at least partly because of this activity, that government surveillance of data will increase.
Jurisdictional and Compliance Complications
The nonstop cyber assault on personal, organizational and government data has led to increasing security measures and legislation, culminating in the EU's GDPR, which GDPR’s official site calls “the most important change in data privacy regulation in 20 years.”
The EU drafted the GDPR with the most honorable of intentions: to unify data security, retention and governance legislation across EU member states to protect its population’s data. The regulation covers both EU citizens and citizens of any other country residing in the EU. All companies and government agencies processing the personal data of people residing in the EU, regardless of the company’s location, must comply. From the perspective of those who must comply, though, it’s a jurisdictional nightmare.
The GDPR requires increased oversight regarding where and how sensitive data—such as personal, banking, health and credit card information—is stored and transferred. Most organizations will need to appoint a data privacy officer who reports to a regional authority, as well. EU residents have new rights, including data portability, the right to be forgotten and to be notified within 72 hours of the discovery of a data breach.
To spur affected organizations toward compliance, the EU has set up significant fines for noncompliance. Organizations can be fined up to 4 percent of annual global revenue or €20 million—whichever is greater. It’s important to understand these rules apply to both controllers and processors, which means clouds will not be exempt.
This legislation takes effect in May 2018, so the assumption would be that organizations are robustly transforming their data classification, handling and storage methods to conform to the new ruling. But research findings from The Global Databerg Report (a survey of roughly 2,500 senior technology decision-makers in 2016 across Europe, the Middle East, Africa, the U.S. and Asia Pacific) says 54 percent of organizations have not advanced their GDPR compliance readiness.
Of course, organizations and government entities care about this regulation and its impact. The problem is the GDPR is requiring organizations to address some of their thorniest data challenges, including fragmentation of data and loss of visibility. Cloud-based services and the IoT have only added to the confusion and, along with the default behaviors of data hoarding and poor management, create a “databerg” (see the report above) that becomes as dangerous and expensive as the iceberg that sank the Titanic.
The challenge of GDPR compliance can be approached one of two ways. The majority of affected organizations will spend the next year scrambling to erect infrastructure and processes and deploy personnel to make sure they meet the stringent requirements. The other option is to remove the relevant data altogether from the GDPR’s jurisdiction. Which means taking it offworld.
Storage in the Stars
Though the concept of off-world data may at first sound like science fiction, consider there are already satellites ringing the Earth that regularly receive and transmit information; why not develop a system for secure, internet-free data storage and transmission? A space-based cloud storage network would provide government and private organizations with an independent cloud infrastructure platform, completely isolating and protecting sensitive data from the outside world.
This concept will soon become reality. New technologies have been conceived to deliver this type of independent space-based network infrastructure for governments to experience secure storage and provisioning of sensitive data around the world. By placing data on satellites accessible from anywhere on Earth via ultra-secure dedicated terminals, many of today’s data transport challenges will be solved.
Jurisdictional constraints, for instance, such as those the GDPR imposes. Space-based data storage frees organizations from the jurisdiction-based restrictions the regulation will impose. A satellite storage solution also removes today’s most pressing security concerns, as data will never pass through the internet or along its leaky and notoriously insecure lines. In-transit espionage, theft and surveillance become impossible.
Free to Fly
Secure data transmission and storage have become increasingly difficult across multiple fronts. Regardless of what new laws or regulations come into play, there’s no getting around the fact the internet is no longer an acceptable means of moving data—until now. The promise of space-based storage and transmission is a jurisdiction-free zone where mission-critical, sensitive data cannot be intercepted or disrupted. Like the plotline of the most hopeful science fiction novels, the future of data storage lies in the stars.