Nicholas Buchanan, Chief Technology Officer & Co-Founder
Being in the Identity industry, I was surrounded by failure.
I encountered everything - half implemented SSO, islands of identity data, orphaned user accounts. Worst of all was the ease at which controls could be circumvented. The value of a solution quickly unravels when you are required integrate across three or four different vendors and put all of the responsibility and risk on yourself.
Layers of data encapsulation and proxying, bad certificates, each investment only adding incremental, if any, benefit – all contribute to the problem. Customers were double, even triple buying security products with same or similar capability, not because they needed it, but because of the regulatory climate, and lack of familiarity with the products.
As the expression goes, a camel is a horse designed by committee. While either is perfectly suitable for travel, only the horse can win the Kentucky Derby, and when you're protecting a business against a skilled adversary you had better be prepared with your A game.
The scale of this liability hit home when a large movie studio called for help. This was big: a $50MM company reduced to internal paper memos. The attacker went for the jugular - absolutely every system was down and not by exaggerative effect. It literally required people running office to office with paper memos to keep the business running.
Bad actors are not going after your high-end network firewall, they don’t need to bother.
Target - got in through the HVAC system, at Bellagio - a fish tank controller. And, for every one that makes the news, they’re 1000’s kept secret to protect shareholder interests. That was the failure I saw and committed myself to resolve.
Armor Scientific provides a patent pending distributed consensus authorization algorithm. Domain members have very specific guarantees of data integrity supported by asymmetric cryptography. Because Armor behaves on the assumption that you are already under attack, we transparently embed cryptographic key signature data inside well-known protocols, and by not breaking these protocols, the signature data can traverse over an existing infrastructure.
Data is verified by consensus of the network, and not one single entity. The higher sensitivity of the data, the greater the verification, however the minimum requires a double blind three-way agreement AND renders the majority of existing attack vectors defunct. The severity of the attack is directly proportional to the countermeasure, and with Armor, it happens without end-user or administrator interruption on day one.
Armor tips the rules of the game in your favor.
Expect more - a lot more - and make identity software work for your users instead of asking your users to work for your identity software.