StrongSalt Cracks the Privacy Problem with First Open Privacy API, Making Encryption Usable in the Cloud

December 3, 2019 Off By David

In a move to address today’s major problem behind privacy – making encryption usable – StrongSalt announced today the first Open Privacy API for searching and sharing encrypted data in cloud services and enterprise applications.

The cloud is now home to massive amounts of data as organizations migrate their modern business applications. But studies show that less than ten percent of cloud providers are encrypting their data once it is stored at rest, leaving sensitive corporate and personal data vulnerable to unauthorized access and data breaches as well as exposing companies to hefty fines as the US and EU ramp up enforcement of privacy regulations.

By introducing the ability to search and use data while it remains encrypted, without exposing it to risk, StrongSalt opens the potential for mass adoption of encryption, allowing both security and accessibility to co-exist in a privacy focused world.

“Starting January 2020, any organization that suffers a reportable breach affecting the information of California consumers will face potentially enormous class action litigation costs under CCPA and StrongSalt’s approach is the only ‘get out of jail free card’,” said Lydia de la Torre, a practice lead at global law firm of Squire Patton Boggs who provides strategic privacy compliance advice related to US and EU privacy, including data protection and cybersecurity law, GDPR, CCPA, other state’s privacy and cyber laws, US financial privacy laws.

StrongSalt’s encryption as a service (EaaS) API makes it easy for developers to build data protection into any application or workflow, featuring:

  • Decentralized searchable and shareable encryption protocol: data is searchable online and offline without decrypting it first, with an unprecedented level of control over sharing
  • Blockchain-agnostic immutable and trusted distributed ledger: trackable audit trail of all related events
  • Protected data: data is never at risk of exposure, preserving both business and consumer privacy
  • Can be applied to all data types, including files such as JSON, documents and even passwords and keys

Already, enterprises are using StrongSalt for Encrypted Box Files, Encrypted File Vaults and other enterprise use cases.

“StrongSalt’s Open Privacy API initiative has the potential to transform the future of privacy and encryption,” said John Kindervag, the creator of the Zero Trust security model and field CTO for Palo Alto Networks. “In an era of regulations such as CCPA and GDPR, as well as the tremendously negative effect on human beings of having their data stolen, this approach gives businesses exactly what they need: easy to use encryption technology through an API that allows data to be searchable while protecting it from unauthorized use and exfiltrations.”

“StrongSalt’s API promises to do for data privacy what Stripe has done for payments and Twilio has done for communications,” added Tony Scott, Tony Scott Group, former Federal Chief Information Officer and former CIO at VMWare, Microsoft and the Walt Disney Company.

StrongSalt, founded by Ed Yu, the former founding engineer of publicly traded cybersecurity company FireEye, recently completed its seed round of financing and announced three searchable-encryption-related patents secured from the United States Patent and Trademark Office. “The fundamental thing that search technologies have taught us over the years: if you can’t find something, it doesn’t exist. Current encryption solutions do a good job of keeping some information under guard but you can’t use it. These were never equipped to allow for accessibility or scalability. We have made this possible for the first time.”

The Open Privacy API is freely available at https://www.strongsalt.com/. StrongSalt is planning to offer the API in the AWS Marketplace in early Q1 2020.