The "nuclear football" allows the president to order a nuclear missile attack from any location, and ZenithSecure took its idea for a new data security vault straight from the playbook for protecting those launch codes.
"Basically, we were inspired by the U.S. government when reading that it takes two or three people using secret keys and codes to launch a missile, and we said, 'OK why not use three or more different entities to store data?'" says Mihai Motocu, chief technology officer for ZenithSecure.
The result is the cloud-based ZenithVault, which ZenithSecure calls the most secure database available for payment card data and other confidential information and one that is "practically impossible" for hackers to penetrate.
ZenithVault implements "secret-sharing," also known as "data-splitting," security techniques on as many as six servers, according to a July 2 press release from the company, which has offices in London and Transylvania, Romania.
Data-splitting breaks a credit card number into parts and stores each part on a different server. Each server is situated in a different geographic location running different operating systems, Motocu says. In most instances, just a single number, letter or word from personal information is split and distributed, so if a hacker were to gain access to one server, he might have access only to single random characters or numbers, or garbled bits of encrypted data.
"The main advantage is that if one server has a breakdown or is hacked, no critical information can be obtained from it," Motocu says.
Zenith encrypts data prior to placing it in various servers, providing even more security in the vault, Motocu says. "Encrypted data that sits in one central location is not enough to protect it from todays cyberattacks and processing power," he adds.
The concept of secret-sharing has been used in other forms of security and makes sense as an approach to data security, says Julie Conroy, senior analyst and fraud expert at Boston-based Aite Group.
"I have seen banking systems using a similar approach in sharing codes," Conroy says.
The only potential drawback, Conroy says, may come in authorization and processing times for e-commerce transactions.
"It will be interesting to see how Zenith is able to handle that part of it," Conroy adds.
ZenithSecure created ZenithVault Freeware, ZenithVault Enterprise and ZenithVault Software-as-a-Service in order to "help everyone" from large to small retail businesses, the health data or billing data companies and other e-commerce or brick-and-mortar organizations that store confidential data, Motocu says.
ZenithVault is cloud-based from a technical degree, but does not host data on cloud machines. "It works like a cloud, but not within a cloud," Motocu says.
Attackers would have to simultaneously breach at least three servers in different geographic regions using different systems just to be able to view "the entire encrypted secret" with no idea of how to piece it together, Motocu says.
ZenithVault also secures each "secret" with its own password, which only the Zenith client knows and can retrieve. The vault operates under a system known as Shamirs Secret Sharing scheme, or an algorithm in cryptography, Motocu says.
The system provides users with all security requirements for the type of data being protected. In the case of banks or retailers protecting card data, the system would help them attain "the highest degree" of Payment Card Industry data security compliance, he adds.
ZenithVault securely stores data for integration with a payment gateway provider for transactions and payments, or as storage for service providers such as hotels or car rental businesses that have clients consistently using the same card, Motocu says.
ZenithVault Freeware that offers encryption and at least three servers is free, and the company sets pricing for Enterprise and SaaS services based on client requirements and configuration needs, the company says.
"We want to contribute to a safer electronic world by helping protect consumer, company and government data," Motocu says. "This is why were offering the Freeware version. It ensures all organizations can immediately deploy better data security than they currently have."
Enterprise and SaaS provide advanced encryption and customized security measures, as well as the ability to handle an unlimited number of large data projects, Motocu says.