The digital transformation caused cyber criminals to have a larger attack surface due to employees connecting on unprotected personal devices and networks. To patch these vulnerabilities, organizations are in need of advanced security measures.
There are various threats in the digital world and some of the most dangerous for companies are data breaches. Criminals have more opportunities to exploit businesses and steal sensitive data, which can lead to losing customer trust, large sums of money being stolen, and other consequences.
For this reason, various cybersecurity measures, such as Virtual Private Networks (VPNs) and data protection services, exist.
We invited Randhir Shinde, the CEO of Galaxkey – a company that specializes in data protection and encryption services for enterprises. Our guest shared his views on the current digital environment, cybersecurity threats, and their prevention methods.
How did the idea of Galaxkey come to life? What has the journey been like since your launch?
Galaxkey was founded in 2010 to provide a data protection solution that is both highly secure and easy for everyone to use. It's what we call "the perfect balance" between privacy protection, ease-of-use features, and flexibility, and is much needed to protect data against cyber thieves. After exploring various models between 2010 and 2014, we developed an ultra-secure platform that fitted the bill, allowing us to launch commercially.
Our mission from the start has been to provide the highest level of security for our users in a very simple and easy way so that they can rest assured that their data is safe and protected. Since we launched, we have constantly worked to improve our products and services, so that we can offer the best possible protection for our users.
Cybersecurity moves fast – it has to, as it needs to stay ahead of the many new threats that appear on an almost daily basis, and because of that, it’s an interesting space to be in. So interesting in fact, that Sir George Zambellas joined us as our Chair in 2016. He saw what value our company could add towards making things better and wanted to help us achieve even greater things.
Can you tell us a little bit about what you do? What methods do you use to protect data?
We take data security very seriously.
We have several products and each one uses the same identity-based encryption model. It means that each time someone wants to access a piece of your data, they must present the correct identity and authorization. If they don’t, then they cannot retrieve the data.
By tying access to identity, it allows users to work from many devices, platforms, and regions with no loss of security. And it also frees an organization to work however it wants to while remaining protected at all times.
We secure data with FIPS 140-2 compliant encryption algorithms, which is a benchmark standard set by the US Government.
By combining this with identity-based authentication, we are amongst the most powerful data protection platforms available today. In fact, our encryption has been tested and approved by the NCSC to CPA standards.
In your opinion, which industries should be especially concerned with encrypting their data?
To start, this isn’t just about encrypting data. It’s about protecting your most valuable asset from harm, no matter where it is or where it goes. It’s something that every business in every industry needs to do, and it’s no longer a “nice to have” – it’s a necessity. Yes, there are industries that hold incredibly sensitive data, and these are heavily regulated. Finance, education, and the public sector, for example, need an extremely high level of protection – not only to ensure the safety of the data that they hold but also to ensure that they meet the stringent regulations they are guided by.
However, EVERY business holds data that needs to be protected. I can’t think of one industry that doesn’t hold sensitive data of some description. Think about all of the PII (personally identifiable information) that every company holds – names, addresses, bank details, tax numbers... The list is endless. And if this information were lost to a threat, then it could mean disaster for the business and for the individual whose data was lost.
Do you think the recent global events affected the way people perceive cybersecurity?
I think that Covid-19 forced businesses and their people to take a long hard look at how they secure their data. There was much talk of the “new normal”, with the mass exodus from traditional offices into a working from home environment. The challenges that brought to businesses were immense. They needed to ensure the safety of their data, and cybersecurity products that allowed them to do so were pushed to the front of everyone’s minds.
It looks as though home working is here to stay, too, so businesses will need to continue to mobilize and be flexible in how they approach securing their data.
There really is no more flex to “wait and see” – if you have data, you need to make sure it’s safe.
What issues have you noticed arise most often among teams working remotely?
Remote working brings with it a whole array of cyber challenges, but I think that one of the biggest challenges brought on by the “new normal” is that many employees need to use their personal devices and their home network for work. This gave hackers a much greater opportunity to steal sensitive information due to limited security on both the devices and the networks.
It’s an issue that Galaxkey has been able to resolve for our users very easily, though. Our platform can be accessed on any device and any network and allows for important data to be stored and transmitted incredibly safely.
In your opinion, what are the biggest mistakes companies make when it comes to handling large amounts of data?
I think that complacency is one of the biggest mistakes many companies make when it comes to handling data. The reasoning that it won’t happen to them or that they have nothing to protect is often used as justification for not taking data security and privacy seriously. However, the truth is that companies of all sizes are equally at risk when it comes to data breaches. All data is precious and should be treated as such – a loss of trust or a leak of data can be catastrophic, both for the data owner and the company entrusted with keeping it safe.
Another mistake is that focus has traditionally been about stopping hackers from accessing your business, not about protecting the data if – and when – defenses are breached. Organizations need to see the necessity of focusing on data protection in the event of a breach.
Finally, I believe that it’s a mistake to trust third parties and cloud provider systems without fully understanding how this data is kept safe, where it is kept, and what happens to it when it is transmitted from A to B. Every organization needs to be fully aware of these basics at every step of the journey of their data. If they don’t, it could lead to serious consequences.
What would you consider the most serious cyberthreats prominent today?
Cyberthreats are becoming more complex and harder to deal with. They range from ransomware attacks, where data is held hostage against a demand for payment, to national-level threats, denial of services, and specific targeting of areas that are critical to national infrastructure and defense mechanisms.
The increasing interconnectivity of our digital worlds means that data is ever more valuable to attackers, so it’s more important than ever to have the right mechanisms in place to protect it. And that means having protection in place even if the attackers manage to get through your outer defenses.
Talking about average Internet users, what security measures do you think everyone should implement to protect their data?
Everyone needs to understand that they can be hacked – that no one is off-limits. Data is the new gold for criminals, and the theft of it can have devastating effects on individuals and businesses. If we can educate people about the dangers of cyber crimes and how simple security techniques can protect them, then we’ll start getting somewhere.
Everyone has a lock on the doors to their house so that they can make the contents safe from theft, and in the same sense, everyone needs to have a lock on their sensitive data so that they can keep that safe from theft too. The simplest way to do that is to encrypt the data.
Would you like to share what’s next for Galaxkey?
We’ll shortly be launching LockChat. It’s our new enterprise-ready team communications solution. It uses the same pure end-to-end encryption that our other products use so that even your team conversations are kept private and confidential. And because it’s powered by Galaxkey, it’s fully compliant and fully secure.