Domo has announced it has introduced new cloud security technology for its Bring Your Own Key (BYOK) software, which includes unique capabilities like rolling generation of data encryption keys and a built-in kill switch.
Domo BYOK is the first BYOK enterprise software solution for cloud analytics and business intelligence, and builds on the company’s existing security, compliance and privacy protocols to meet the security needs of its customers.
Domo BYOK embraces a security partnership model, which puts customers in the co-pilot chair as the data controller of their own unique instance while Domo acts as the data processor.
Through this customer-controlled encryption, organisations can revoke the encryption key at any time, nullifying all data in the Domo Business Cloud and making it so that no one will have access to sensitive data.
Domo BYOK is designed for each customer to manage its own cloud instance in accordance with internal security and compliance requirements, so Domo becomes a secure extension of the customer’s internal network.
Domo BYOK breaks new ground for BYOK solutions by assigning a unique key, which can currently be rotated every hour and also allowing customers to remotely delete any residual data in memory.
Here are the key capabilities of Domo BYOK:
- Key management – Domo’s key management service creates keys based on a per time model. For example, a new key can be automatically generated every hour. Therefore, if any one key is compromised, an intruder will not have widespread data access. In this model, thousands of keys can be created annually, making data more secure.
- Kill switch – Domo has built a kill switch directly into the customer’s interface, so when time is of the essence, there is no need to contact Domo to execute the kill switch. Two authorised administrators can execute the kill switch by logging into their instance separately, activating the kill switch, and rendering data in caches and indexes unusable in seconds. Instantly, the data is dropped and the customer’s activity logs record the event.
- Event logging – Domo automatically logs and records all activity within a customer’s instance, giving admins the ability to see how their data is being accessed at all times. If a customer chooses to revoke its encryption keys and execute the kill switch, this event is also logged so the organisation has immediate confirmation that its data is no longer accessible.
Niall Browne, CISO, senior vice president of security and trust at Domo, said for highly regulated industries like financial services, health care and government, secure, real-time access to data is crucial.
“It’s been one of the biggest deterrents in migrating data to the cloud for regulated industries,” he said.
“With Domo BYOK, we’re significantly reducing the concern of companies in these industries by giving them full transparency and complete access to their encryption keys. Domo is opening up the possibilities for companies to truly harness the power of their own data.”