TSM can stop hackers from accessing your data

---

In the October 23, 2016, WIRED.COM article “Inside the Cyberattack That Shocked the US Government”, author Brendan I. Koerner presents an excellent chronology of the cyber attack at the U.S. Office of Personnel Management (OPM).  This overview, however, includes a reference to a fundamentally flawed but universally understood cyber security tenet; one that is THE reason we have been (and will continue to be) afflicted by massive data breaches:

“THERE IS A COMMON misperception that the surest way to frustrate hackers is to encrypt data… The first item groups like these usually swipe is the master list of credentials… the ideal is one that belongs to a domain administrator who can decrypt data at will.”

By combining already proven cryptographic approaches with a unique system of hardware, key and privilege management, the TSM Lockbox removes the ability for the domain admin account (along with all other accounts) to view protected assets, all while continuing to allow people and systems to perform their necessary work functions

We’re debunking several widely held misconceptions with our new model:

1. The Queen Bee paradigm - Every security system/network contains ‘the’ account that ultimately has controls to all other locations and accounts.  Using our methodology, we have a hive where there are certain places the queen bee cannot go or see.
2. The universal exception - The highest level account can turn off, reset, change, or cancel all known cyber security protections; for example passwords, multi-factor challenges, key stores, etc…  Using our approach, possessing these privileges will still not allow the domain admin (or any other account) to see protected information.
3. Not in my backyard - In the cloud, the highest level account is held by third parties.  With our software, those third parties still cannot see protected data.
4. Doing the same thing over and over again and expecting different results = #Insanity - Current cyber protections ignore the most persistent threat - the omnipotent domain admin account.  Launching our innovative solution, this most paramount vulnerability is addressed directly.
5. Humans vs. the machines - Larry Ellison of Oracle believes pitting humans against the Artificial Intelligence (AI) soon to be brought to bear by hackers will only make vulnerabilities worse.  With our approach, no account (machine or otherwise) can see secured information.

The vast majority of the successful cyber miscreants of the world (see Equifax, OPM, Anthem, etc…) have very little interest or motive to tackle the plethora of formidable cyber fortresses wrought by the billions of dollars spent annually to keep them out; they don’t need to.  

Albert Einstein once wrote, “The world as we have created it is a process of our thinking. It cannot be changed without changing our thinking.” Big Al nailed it.

So long as the process of our current thinking is predicated on the universally accepted doctrine that the domain administrators must and will have access to the keys to the kingdom, hackers need only focus on getting these credentials--and they can--and they will.

The real question is:  What do you want them to be able to see when they get there?