ALTR, after nearly four years of stealth development, has released a software package which it claims exploits the security benefits of blockchain. David Sikora, a software industry veteran and former executive chairman at Stratfor, is the CEO.
Sikora executed the first internet software IPO in Texas with The ForeFront Group. He previously served in leadership roles at Digby, Motive and Pervasive Software.
“We have a choice between change or breach,” said Sikora. “Network-focused security isn’t enough because it never really puts a dent in the sheer number of vulnerabilities.
“Rather than patching the existing attack surface, ALTR has found a way to significantly reduce it. In fact, with ALTR’s full solution in place, the threat vectors for data move to nearly zero. Digital trust can finally be restored.”
A call to arms: change or breach
ALTR emerges amid the rising adoption of the cloud and microservices, native mobile apps and the Internet of Things. New threat vectors continually appear, with an anticipated multi-trillion dollar cybercrime impact on the global economy.
This expanding attack environment represents a mixture of temptations and economic incentives. Often these reward bad actors who seem to be one step ahead of security providers. Enterprises find they are trapped them in a losing cycle of:
- software patches
- new applications
- overwhelming complexity.
Reinventing the data security model
The need to engineer a new security architecture led ALTR to blockchain. For ALTR no technology was as security-hardened as blockchain, even though its original application (to cryptocurrencies like Bitcoin) did not involve the flexibility, privacy and performance needed to secure critical corporate information.
Leveraging ALTRchain as a foundation, the ALTR platform applies blockchain’s virtually inviolable structure to data security. The objective is to eliminate threats to data through private blockchain, in-line data techniques, real-time alerting and reporting for business enablement.
Sikora continued, “Three things are necessary to restore trust around data usage. It is crucial to see and understand access needs and to share this view among executives and IT so that everyone knows the truth. There also needs to be a means to cut off access when it is inappropriate or defies policy, and to protect data in a way that reduces or even eliminates the ability to steal it.”
Some ALTR platform background
ALTR has built its platform on ALTRchain, a high-performance, enterprise-grade blockchain technology for ultra-secure data access and storage. ALTR claims its platform is “virtually impenetrable to attack”. As such it is a data-security solution with which organisations can monitor, access and store critical information.
The ALTR platform approach means it is virtually invulnerable to attack all the way through to the last mile connecting applications to data. This will make mobility and cloud initiatives safer, if enterprises adopt it. If correct, the ALTR approach:
- moves beyond failed and outmoded perimeter systems
- presents a new paradigm in cybersecurity.
Deployed directly into the access path – between data and applications – the ALTR platform claims to “return agency to the C-Suite”, by giving executives intelligence about their most valuable data assets. The ALTR platform enables technical and non-technical staff (CEO, CISO, CCO and IT professionals) to foster relevant collaboration on data security. It gives them the broad view as well as control over how an organization’s data assets are used or seen and by whom.
The ALTR data-security platform
The ALTR platform has three main elements:
- ALTR Monitor, for data-access intelligence: this provides detailed intelligence on all data-access activities with reporting which describes data the way business stakeholders do and creates a 100% accurate audit trail of immutable, blockchain-based log files
- ALTR Govern, for data-access governance: this makes it possible to control how individuals access business applications and ALTR Govern lets users create and apply rules-based, granular locks and access thresholds to neutralize threats in real-time
- ALTR Protect, for data-at-rest protection: this decentralizes sensitive data, breaking it into pieces and storing it across a private blockchain which means forced access to any single node is meaningless because it contains only fragments of data; there is no master map, encryption key or decoder to steal.
ALTR has also opened up access to its proprietary blockchain via its ChainAPI which equips developers with the means of adding ALTRchain to any application on existing hardware or software infrastructure. There is support for all major database platforms (including Microsoft, Oracle and open-source stacks).
Optimized for ultra-low latency and scalable data storage, the ChainAPI is accompanied by infrastructure-as-code for flexible deployment in nearly any node distribution which :
- makes it possible to create secure data storage in the public cloud or other uncontrolled environments
- can assemble multi-party contracts or file briefs inside an ALTRchain.
Enterprise Times: what does this mean
ALTR has raised $15 million in funding from institutional and private sources in the cybersecurity, IT, and financial-services industries. The funds will extend the reach of the ALTR platform into the enterprise and bring additional ALTRchain-based products and solutions to market.
According to ALTR this will unleash cybersecurity benefits for the enterprise by using a blockchain base. The ALTR platform “restores digital trust to organizations by fundamentally changing the way valuable data is monitored, accessed and stored”.
It all sounds wonderful, and not a million miles away from what Guardtime does (albeit in a different way). Enterprise Times looks forward to being able to talk with end users who have implemented ALTR’s approach to understand how it functions in a practical and operational environment. This will be the acid test.