Joe has recently blogged about Google and privacy, an important point I’d like to amplify today. I believe a crtical component of any system with enterprise pretensions, is that the vendor should have no access to your unencrypted content.

In the board space, where content can include market moving M&A discussions, such privacy is non-negotiable. However, in many areas of the enterprise, particularly within the C-level suite, a similar level of security is required. Those same M&A discussions will inevitably involve the executive team. Add in company strategy, product launch details and HR issues, you get a body of content no vendor should have access to.

Yet, the vast majority of today’s hosted services, and not just consumer-focused apps such as Google, do indeed allow for vendor access to content. In other words your provider’s staff can snoop on your content if they have that inclination.

At BoardVantage we’ve eliminated that risk through a software architecture that assures that no BoardVantage staff member can ever access your content. Unlocking your content, requires 2 executives (including the CEO) to provide their 2 separate keys. In addition this process architecture is audited annually by a third party firm and the results are reported to the company’s board. Similar processes exist in ultra-secure military facilities. We take your privacy VERY seriously. Another key element of our design is the use of distinct customer keys, so that your data can never be unwittingly part of that of another customer’s. This is very different even from many financial institutions where systems administrators often have access to customer data.

Such an approach does not come cheap. There is a significant hardware cost in terms of CPU cycles to support the encryption. There is also a maintenance cost as customer data cannot be used for debugging, engineers have to imagine scenarios and work backwards. Perhaps even more significantly, there is a people cost in maintaining a process that directly involves our executive staff.

We do believe however, that even though none of our competitors bother with such an approach, enterprises will come to appreciate the importance of this issue, and increasingly will demand on point of principle no vendor access to content.

This entry was posted on Tuesday, August 10th, 2010 at 7:50 AM and is filed under BoardVantage News, Industry Comment. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.