Decentralized data storage has started to challenge standard cloud storage and may eventually lead to a big change in how businesses distribute and keep their data.
A number of businesses offer decentralized storage alternatives, some of which use blockchain technology to streamline storage processes and verify transactions. A major advantage of decentralized storage networks is their low cost. However, advantages like data immutability, more privacy, and improved overall security are also highly desirable.
To learn more about the decentralized cloud environment and how it helps cybersecurity, we welcomed Ben Golub, CEO of Storj – a business that provides safe, private, and cheap decentralized cloud object storage for developers.
Tell us about your journey. How did the idea of storage originate?
Storj was the brainchild of Shawn Wilkinson when he was a student at Morehouse College. He saw the growth of the decentralized industry, specifically a lot of the activity that was happening around Bitcoin and other cyber assets, and he felt that a lot of those assets were dependent on people using computing resources for the sake of using computing resources without a positive end in mind. He thought about whether he could do something that was decentralized, but really useful by taking advantage of all of the unused data capacity in the world.
What we know is that the world creates more and more data every year, and yet the prices of storage haven't come down in over five years. Most cloud data is stored by three of the largest companies on the planet, and those businesses are in the business of mining and selling data.
There is also a huge environmental issue. Most hard drives on the planet are underused. About 75% of them are less than 20% full. Shawn’s vision was to figure out a way to take all of this huge untapped capacity and put it to use in a decentralized model in order to solve many serious problems for the industry. That is how Storj was born.
Can you introduce us to what you do? What is decentralized storage?
Most cloud storage today involves people storing data with cloud providers like Amazon, Google, or Microsoft and in data centers that these companies own, run, and operate. Decentralized storage takes a different approach. It's like Airbnb for disk drives. Storj takes data, encrypts it, splits it into pieces, and then stores those pieces across large numbers of drives that are run by independent parties all around the world. We split up the data using a technique called erasure coding, which is the same technology used on DVDs, Voyager, etc. Basically, every file is split into at least 80 pieces, of which only 29 are needed to put it back together. Each of those 80 pieces is stored on a different drive, run by a different person, on a different network,, and in different geographies. While that may sound like a crazy idea, it actually ends up being faster, more secure, more durable, and a fraction of the price. In fact, in over three years of operations, we’ve never had a single file lost, hacked, or corrupted.
What would you consider the main challenges that developers run into nowadays?
Whether it's developers or DevOps, people who are looking to store data want to store it in a way that is secure, reliable, economical, and private. Unfortunately, they are often forced to make a tradeoff between what they can get from the centralized cloud providers.
At Storj, we have found a way to make it very easy for people to take existing applications and run them in a more modern, decentralized way – providing a bridge between Web2 and Web3.
How did the recent global events affect your field of work? Were there any new challenges you had to adapt to?
Storj operates a global network of disk drives, which we call nodes, that are run on every continent except Antarctica. This also includes drives that are run in the Ukraine and in Russia. Because we are a decentralized company, we have people who work for Storj in over 20 countries, including some in Ukraine.
Our top priority was to make sure that the people who worked with and for Storj were safe and taken care of – and we were able to do that. When you experience global events like war or natural disasters, you need to ask and consider what would happen if suddenly every drive in Eastern Europe and across 11 time zones in Russia suddenly went offline. When we did the analysis, it turned out that our data would be perfectly safe.
This is a good testament to the power of decentralization – if you set things up right, even losing large numbers of drives doesn't affect your durability or your performance. That is how we architected our system – not to lose data, not to lose uptime -- even if whole countries, or regions went offline. We realized that even if a war or natural disaster takes place, the nature of our system makes it resilient to almost anything.
As more companies move their workloads to the cloud, are there any details that might be overlooked when making the switch?
When people move workloads to centralized clouds like Amazon, Microsoft, or Google, the first few years are usually great. But often, they end up finding that they have become overly dependent on one or more providers. Many users wish they had better application and data portability.
Storj isn’t dependent on any single provider or geography, and that's really the whole point of decentralization. You are reducing your dependence on any one organization. Storj was designed as a system to not be dependent on any one piece of equipment, one region, or one person. That is why we designed a system that is resilient to failure because we know that people in institutions and equipment always fail. That's just the nature of how they work.
Why do you think certain companies are reluctant to update their cybersecurity or try out new innovative measures?
I think people are naturally risk averse and often operate in an environment where policies, procedures, and regulations were defined decades ago when technology was very different and before the transition to the cloud. Many companies still have outdated regulations that state IT needs to physically control the servers that the company’s data runs on.
Over time, people have come to realize that the cloud is generally more reliable and secure than running things locally. And, we think that more people will come to realize that the decentralized cloud can be an order of magnitude more secure, reliable, and affordable than the centralized cloud.
Besides quality data storage solutions, what other security measures do you think should be adopted by every modern company?
One of the biggest trends that you see people talking about these days is zero trust – which really has a lot to do with decentralization. Zero trust says that you build a system in a way that is resilient rather than assuming that there's a boundary between inside the company and outside the company, or good people and bad people.
Zero trust is a system that is designed to assume that there's a weak boundary between inside and outside and you assume that some of the people whom you believe are good, turn out to be bad. There is encryption throughout, people have very limited abilities to do things without additional approval, and you don't depend on the antiquated notion of security that believes you control all things – when in fact you can't.
As for individual users, what personal security and cybersecurity tools do you think everyone should implement to keep their data secure?
I certainly hope that, as consumers, people are using two-factor authentication. Passwords are easily cracked and guessed. As consumers, we should be using password managers and we should be using two-factor authentication on every site that's important to us. Users need to really consider where they are storing their data because data can get mined and can be used for bad purposes. It has gotten so easy for criminal gangs to access data, and use it for nefarious purposes, that users just want to be doubly sure that steps have been taken to limit personal exposure.
Recently, we announced a partnership with Gabb Wireless. If you're not familiar with Gabb Wireless, the company has built a service that targets tween users of mobile phones. They created a system that understands the safety needs of these young users but also limits the extent to which they may unwittingly share data. We partnered with them to create the Gabb Cloud. Part of the reason why they are working with us is not just the cost, reliability, and performance, but the fact that the data is secure and distributed so that there's no central trove of data for would-be hackers to attack. All the data is encrypted at rest, and widely distributed.
The way Storj is designed, breaches can't happen, because every piece of data is encrypted with unique keys, chopped up into lots of pieces, and distributed around the world. It is like spreading encrypted sand on an encrypted beach. We think that's the way things should be done.
What's next for Storj?
We are in a phase right now where we have a system that works really well and is reliable. For over three years, before we went into beta, we haven’t had a single file get lost, stolen, or corrupted. Right now, we're working to get our initial customers to be really happy and successful. We think that a decentralized cloud should be about more than just storage, it's got to be about networking and putting control back in the hands of users.
We also view ourselves as a bridge between the Web2 and Web3 industries and have customers that are moving to a decentralized infrastructure as a way to modernize. We have customers that are doing a lot of the decentralized work already -- people who are doing NFTs or decentralized finance (defi) and are working with us. What we think is really exciting is the intersection between the decentralized world and the non-decentralized world. We were revolutionary in our approach, and we want to make sure that we can benefit everybody.