I’d imagine that any CEO would figure they already have Privacy-Enhancing Computation – at least if they a use a reasonably sophisticated IT service. It’s not unreasonable for a business owner with almost any form of IT to believe that something like this is already in place – but there’s a very good chance that it is not. Having Firewalls, Anti-virus (AV) and password authentication are great, but they are nowhere near the be-all and end-all of the defensive measures that are necessary for modern network communications.
This is an area to ask your IT provider, whether it’s in-house or outsourced. Any IT ‘professional’ that does not know what Privacy-Enhancing Computation is should be fired or replaced. Within the Charlotte IT Support community there are drastically varying degrees of knowledge and competence. Anyone can advertise and do business as an IT ’expert’ – whether they are or not.
Modern Cybersecurity is not a single technology that you download or buy in a box. The network methods enterprise uses to do business faster and more efficiently also create new risks, because nothing is ever perfect. Cyber criminals are right in step – they will find the flaws in new technology faster than you, the software/hardware vendor, or your IT support will.
It’s amazing how many CEOs and administrators still do not take data protection seriously. The simple truth is: Your data is the life blood of your enterprise. Lose it, and you will most likely lose your business within 6 months – a year at the outside – that is not an exaggeration.
Some data must be shared in the normal course of business, and in order to control the sharing – and who is able to have access to sensitive data, a Privacy-Enhancing Computation regimen must be put in place. Solid Cybersecurity is the key to business privacy and protection, and a qualified IT firm should implement the technologies.
What is privacy-enhancing computation?
Privacy-enhancing computation (PEC) is not one single thing – it’s a regimen or strategy in overall security planning - a way to share data to an extent that facilitates the flow of business, allowing a second party to extract the value they need, but without exposing your most confidential data. Only the two parties to the transaction are given the ability to share actionable data without passing on sensitive information as well.
There are a number of steps involved in making this happen: Zero-Knowledge Proofs and encryption are the first two.
What are the types of privacy preserving technologies?
Typically, a top-notch Managed Services Provider (MSP) will know the nature and electronic flow of a company’s data and will implement the procedures that best protect their client’s data. The most common tools or technologies used to establish the highest protocols for Privacy-Enhancing Computation are:
Zero-Knowledge Proofs:
This is a method for verifying the proof of knowledge of some bit of information offered by the ‘prover’ to the ‘verifier’ without revealing the actual information itself. (See the FAQ below).
Homomorphic Encryption
This a step beyond standard cryptography. Homomorphic encryption protects data as it is being used in computations. Workers and collaborators see and work with data that appears decrypted, but in fact it is encrypted the entire time. Too many IT providers still use standard encryption.
Secure Multi-Party Computations
Secure Multi-Party Computation (SMC) allows multiple workers within one company or several, to collaborate on projects using computing functions over their inputs without revealing them individually. While the computational operations are shared among all parties, no single party has knowledge of what was done by any other party at any time during the process. This keeps all collaborators on a ‘need-to-know’ basis.
Differential Privacy
Databricks defines Differential Privacy (DP) as, “A system for publicly sharing information about a dataset by describing the patterns of groups within the dataset while withholding information about individuals in the dataset.” The data necessary for the work or transaction is shared, but the digital identities of those involved remain hidden.
Trusted Execution Environments
A Trusted Execution Environment (TEE) is a section within the main processor of any device that is separate from the device's main operating system (OS), ensuring that data is stored, processed and protected in a secure environment and does not travel through less secure areas.
Also used in the overall strategy are:
Communications anonymizer: This hides a user’s true online identity, replacing it with a disposable, non-traceable identity.
Pseudonymization: Replaces a true identity with artificial identifiers (pseudonyms), which hides data from potential hackers.
Obfuscation: Adding misleading data to a profile or log to defeat intrusive algorithms by masking the data.
Format-Preserving Encryption: A cryptographic tool that encrypts in a way in which the ciphertext (output) is in the same format as the plaintext (input).
Frequently Asked Questions
What is a Zero-Knowledge Proof?
A: The definition of a Zero-Knowledge Proof cannot be found in a 5 or even 10 words. It is a method of using encryption to verify knowledge of a certain thing without revealing the thing itself, such as proof of a personal identity.
Example: Party A needs access to something from Party B. Party B has agreed to allow access to Party A, but needs proof that Party A is in fact Party A. A ZK proof enables Party A to prove they are Party A without revealing Personally Identifiable Information (PII), such as name, address, etc. The long, technical name of the application used by Blockchain and Zcash is ‘zk-SNARK’ (zero-knowledge, Succinct, Non-Interactive Argument of Knowledge).
For a better understanding of a ZK Proof, cryptographer Jean-Jacques Quisquater developed the story of ‘The Ali Baba Cave’ in his paper "How to Explain Zero-Knowledge Protocols to Your Children."
What is a zero-knowledge proof example?
A: Aside from ‘The Ali Baba Cave’ story in the FAQ above, 101 Blockchains provides a few simpler examples HERE.
What is encryption and how does it work?
A: Encryption has been used throughout history. Well known examples are the German ‘Enigma’ machines and the use of the Navajo language to convey messages during WWII: Encryption produces a coded message. In digital communication it is a method of encoding data in a way that makes it available only to authorized parties. Encryption software scrambles the data as it sent. The data can be decrypted on the other end by using a key provided by the sender.
All business data should be encrypted when communicated or stored. If a hacker manages to breach the data, they will not be able to read it.
Is VPN a privacy enhancing technology?
A: VPNs (Virtual Personal Networks) offer some very limited online protections, but are only basic tools, and technically not prominent in an advanced Privacy-Enhancing Computation strategy.
How secure is your network?
As a longstanding, reputable member of the Charlotte IT Support community, ITFirm.com offers a FREE, no-risk network and security assessment. We perform a non-intrusive scan that allows us to deliver a comprehensive report of the state of your system and its vulnerabilities that is yours to keep. There are no strings attached, and you are under no obligation to ever use our IT Services.
The two best defenses are next-generation Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider to ensure continued reliability and defenses against newly emerging threats.
We put our 100% Money Back Guarantee in writing, so there is no risk in trying us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.
Among the Managed IT services we provide:
IT HelpDesk Service
Onsite IT Support
Cybersecurity
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)
Planning an Office Move?
Contact us today! We have the experience to ensure a seamless transition. After the move, your employees will arrive at the new location to find their IT infrastructure ready and open for business!
For more information on office moves, or to receive your FREE no-risk network and Cybersecurity assessment, just fill out the form on this page or call us at:
704-565-9705
