Law enforcement is creating a data tsunami

One of the most visible areas for video growth and use, is in Law Enforcement(LE).   LE agencies have quickly adopted many different tools for operations[1] including Unmanned Aircraft Systems, Throwable Robots, Body-Worn cameras, Dash Cams, Bystander Videos and Crowdsourcing Videos.   With demand growing, prices have fallen at an estimated annualized rate of 3.2%[2].

There are nearly 18,000 state and local police departments in the United States and almost one-third of them are putting body cameras on their officers according to a 2016 Time article.  It further goes on to show that in 2016 uploads were occurring every 1.6 seconds equaling 2.1 petabytes.   When video is shot in 1080p format storage needs for that video can double.

On the flip side, each upload can incur costs and time relating to management including reviewing and categorizing.  During investigations, reviews, or inquiries, thus driving upward costs.   Chain of evidence requirements are needed for full lifecycle management, which continue to drive costs upward.

Beyond just Law Enforcement use cases, there is a growing amount of data being created and stored closed circuit systems monitoring ATMs and street traffic, surveillance systems, text and call records, social media and other electronic records.

Leonovus 3.0 process of Data Lifecycle Management (DLM) begins when the data is downloaded from a device or location.  Once downloaded, the source is catalogued and digitally signed becoming an immutable entity: a fixed entity.  At that point the source has an unbreakable chain of evidence that is auditable and reportable and in a single digital repository.

Leonovus’ unique architecture decouples data from the infrastructure and places enhanced security and flexibility on the movement of data which allows IT controls on the data across the entire data plane.  Thus, an opportunity exists for Law Enforcement and others to meet business goals (secure cataloging and cradle to grave chain of evidence) while improving ROI by reducing overall capital costs.

Leonovus 3.0 supports on-premise, hybrid and multi-cloud data storage, with all architectures meeting your security and compliance requirements.


Click here to learn more about Leonovus 3.0










Data breaches increasing – latest statistics

Unfortunately the world we live in today does mean that data breaches are occurring and in fact they are increasing. The latest statistics from US based Identity Theft Resource Center (ITFC) were made available on February 21st, ITFC has tracked data breaches since 2005, and in 2017 there were a total of 1579 data breaches, an increase of 45%, with the largest total number of breaches highest for businesses and healthcare.*Increasing Number Of Data Breaches by Industry

On a positive note for healthcare from 2016 to 2017 number of breaches have decreased by approx 10%. However the finance sectors breaches have grown almost 4%.   Now a percentage of the dramatic increase YOY could be attributed to better reporting, but the point does remain there is definitely an increasing problem with data breaches.*

Another critical point identified in the report is the change of the types of breaches.

Category of Data Breaches and YOY% Change

Year over year hacking and unauthorized access are the 2 main categories of breaches which have had the most increase. Good news is the decrease due to employee error or negligence.

Businesses are seeing the largest increase in breaches. Breaches affect their brand, impact their employees and customers. Because breaches will happen, as the statistics illustrate, businesses have to protect the data!


*Facts for this article are from Identity Theft Resource Center,


Morning coffee, Winklevoss twins and Leonovus 3.0

Most mornings when I get up one of the first things I do is make myself a cup of coffee and start reading the online journals, which usually includes The New York Times. This morning as I flipped through the articles in The Times, one caught my eye “How the Winklevoss Twins Found Vindication in a Bitcoin Fortune”:

The virtual currency stockpile that Cameron and Tyler Winklevoss began amassing in 2012 is now worth around $1.65 billion. They have no plans to sell.

Working in the technology arena, this heading caught my eye and I proceeded to read the article. About two thirds of the way through the article, where the author is discussing the Winklevoss’ investments, specifically Bitcoin, is the following couple of paragraphs:

“Every Bitcoin sits in an address that can be accessed only with the corresponding password, or private key. The problem with this system is that anyone who gets hold of a private key can easily take the Bitcoin. And unlike money taken from a bank account, stolen Bitcoin are essentially impossible to retrieve. A number of virtual currency exchanges and wallets have collectively lost billions of dollars’ worth of Bitcoin to thieves.

The Winklevosses came up with an elaborate system to store and secure their own private keys. They cut up printouts of their private keys into pieces and then distributed them in envelopes to safe deposit boxes around the country, so if one envelope were stolen the thief would not have the entire key.”

I immediately was stopped in my tracks… what the twins are manually doing to protect their ‘data’ aka private keys, is PRECISELY what Leonovus 3.0 does digitally with an even higher level of security. Think about this, what happens if the Winklvosses have chosen a safety deposit box in a building which becomes severely damaged, or one or more of the envelopes doesn’t make it to the safety deposit box because of a vehicular accident?

I don’t know where they put the envelopes, but instead of mailing physical envelopes what if they could have digitized the private keys, ‘cut up’ the digitized private key into say 25 pieces and sent these ‘pieces’ anywhere they wanted to in the entire world AND when they decided to break the digitized private keys up into 25 pieces they specified that they ONLY NEEDED say 16 pieces to reconstitute their private keys and only THEY were authorized to reconstitute their private key. And all of this took just a couple of clicks on a key board. The security level is increased exponentially, the time to execute is reduced to seconds, and any other sensitive data can easily follow the same process.

What the Winklevosses Twins are doing manually to protect their highly sensitive data, is very astute. The opportunity for them and others with similar sensitive and valuable data is the understanding that what is a powerful manual process, has been developed into an automated and more secure solution and can easily scale to petabyte sized data if needed. It’s called Leonovus 3.0.

Could a strong second Line of defense have mitigated Equifax’s damage?

The recent Equifax data breach was one of the largest digital disasters ever. An unknown group successfully breached Equifax’s online services firewall, through a known system flaw that was scheduled to be corrected and stole personally identifiable data – names, addresses, social security numbers – for 143 million Americans and potentially 44 million people in the UK. This stolen information may seriously affect the privacy of millions of individuals, companies, and government for years to come. The mitigation and clean-up of this cybercrime could cost billions.

All companies, organizations, governments, and agencies have technical debt, which immediately begins to accrue following the installation of new and complex IT systems. As the IT system ages, a multiplicity of factors causes the technical debt – hardware and software obsolesce; the business requirements become more convoluted; new technologies bolted onto old technologies; key staff come and go affecting corporate IT knowledge, and the bad guys continually try to stay one step ahead of IT security. If the IT department is not security paranoid, then the probability of a data breach increases dramatically.

The major issue that the Equifax breach has cast a spotlight on is system breaches are inevitable. While we agree that stopping the violation in the first place is the first line of defense, the second line of defense is ensuring that the data isn’t usable by the hackers. For this second line of defense, the CIO will need to;

  • De-couple the data from the underlying IT infrastructure,
  • Introduce mechanisms to impose, maintain and monitor different levels of data security through obfuscation, encryption, deconstruction, and geo-distribution of the data, based on the data stored and the corporate governance and regulatory compliance required to protect it,
  • Acquire tools that ensure IT controls extend from on-premises out to hybrid, multi-cloud storage architecture,
  • Compliance monitoring/reporting of data governance policies will become a paramount IT system,
  • Ensure cost optimization concerning the trade-off between data security and storage efficiency,
  • All of the above, with IT operational simplicity.

Given the new data security realities, the IT department’s mandate to improve services and reduce costs will not change. Consider the introduction of the General Data Protection Regulation (GDPR) in the EU and their structure of corporate fines for personal data loss.  

“In May 2018, a two-tiered sanctions regime will apply. Breaches of some provisions by businesses, which legislators have deemed to be most important for data protection, could lead to fines of up to €20 million or 4% of global annual turnover for the preceding financial year, whichever is the greater, being levied by data watchdogs. For other breaches, the authorities could impose fines on companies of up to €10m or 2% of global annual turnover, whichever is greater.” 

The regulation applies to organizations that collect data from EU or process data on behalf of data collector on persons based in the EU. The Regulation also applies to organizations based outside the European Union if they collect or process personal data of EU residents.

Given that fines are in the millions of dollars, the CIO’s of any organization with EU customers have a clear incentive to improve the data security and data compliance and second line of defense – let alone the loss of confidence impact from their own customers.

Three Myths Slowing Enterprise Cloud Data Storage Adoption

IT departments at high-performance computing enterprises are too often seen as cost centers. Many forward-thinking CIOs struggle to implement large-scale innovative technologies without sufficient C-suite buy-in, which can often be difficult to secure given the expenses of sophisticated advanced scale technologies. Though many executives understand that their technological foundation correlates with profitability, they often see new IT initiatives as costly ventures that don’t necessarily guarantee positive results.

Due to the vast amount of data involved in organizations using HPC-class technology, hyperscale computing and cloud storage technology becomes a necessity.

However, the more sophisticated the organization’s computing, the more difficult it becomes for CIOs to convince business leaders to transition operations onto new cloud technologies.

To do so, CIOs may have to dismiss cloud myths that may make the rest of the C-suite hesitant to transition. Here are three common misconceptions about cloud technology and how IT professionals can address them:

Myth 1: Moving data onto the cloud is less secure than on-premise systems

Across the enterprise, C-suite executives and employees alike are often hesitant to migrate away from on-premise solutions for fear that their data will be lost “somewhere on the internet.” CIOs can address these security concerns before they arise by educating business leaders of the technology behind cloud storage that ensures security. Data security has come a long way in the past few years, going from using physical safeguards to digitally protecting information. In this way, cloud-based data is usually even more secure than it was on traditional storage methods. Layers of encryption and geodistributed storage models help keep cloud data out of the wrong hands while meeting regulatory compliance requirements.

Myth 2: Transitioning to the cloud will slow down existing operations

When C-suite executives are busy meeting day-to-day demands, adopting cloud technology may be the last of their concerns. It’s tempting for business leaders to keep current storage models as they are when there aren’t obvious problems arising. However, it is the CIO’s responsibility to proactively suggest cloud offerings even though the preexisting on-premise storage system isn’t necessarily broken. Many executives also see adoptability as a main concern and believe that switching storage software will put enterprise operations at a standstill. In actuality, today’s cloud technology options are increasingly intuitive to deploy and don’t require significant transition time. In the long run, the sunk costs of taking the time to deploy and educate employees on new systems will be validated by substantial ROI.

Myth 3: Cloud systems won’t benefit the entire organization

When convincing C-suite leaders to sign on to innovative cloud technology, it’s helpful to communicate the cloud’s benefits in a way that will resonate with their main organizational concerns. For instance, a CFO will likely be focused on cutting costs and increasing ROI, so CIOs can emphasize the value-generating benefits of cloud technology, such as lower fixed costs and faster speed to market. Similarly, leaders in the legal and regulatory department may be concerned about meeting industry requirements for data protection, so CIOs can communicate which enterprise cloud systems fulfill governance, risk management and compliance (GRC) requirements and meet compliance standards.

If IT leaders can understand and address specific issues in various departments across the enterprise, they can demonstrate a holistic understanding of individual needs that can help them gain C-suite credibility. When they have gained trust across the organization, CIOs have more freedom to seek out and deploy innovative technology initiatives and eventually redefine themselves from fix-it centers to innovation enablers.


Three ways IT leaders can leverage cloud technology to get a seat at the C-suite table

The role of the IT department is changing across enterprises. A company’s digital transformation largely determines its success, from streamlining internal processes to attracting and retaining customers with innovative digital offerings. Still, many IT leaders struggle to get C-suite attention for ambitious projects. Though CIOs strive to deliver cost-saving solutions, other C-suite executives often fail to see the ROI of digital innovations and view IT as a substantial expense. Today’s IT manager isn’t a help desk for employees; they’re responsible for strategically planning a company’s storage options based on factors like security, cost and usability. With cloud technology, IT leaders are in a position to increase company innovation while cutting costs. This provides a great opportunity for CIOs to demonstrate their abilities as strategic players in the company and gain credibility across the C-suite.

Here are three ways IT leaders can effectively implement cloud technology across their enterprises and, as a result, get a seat at the C-suite table: 

1. Become well-versed in cloud system offerings

IT leaders must become well-versed on different types of cloud technology as well as its various functionalities before they can move the entire enterprise onto the cloud. Many CIOs who are accustomed to on-premise configurations are wary of cloud storage and question its security and recoverability capabilities, regardless of the increasing sophistication of cloud technology. In actuality, there are many different types of cloud systems available, including private, hybrid, public and multicloud environments. CIOs should become well-versed in the various options to determine which is most advantageous for their specific organization.

2. Educate C-suite executives on the cloud’s benefits and dispel myths

 Once CIOs understand the benefits of cloud storage, how can they get other C-suite executives up to speed? IT professionals need to adequately inform leaders from outside departments about the technology behind cloud storage in order to appeal to each executive’s respective area of interest and dispel any cloud myths that may be in play. For example, if a CEO believes that it would take too long for the enterprise to transition off on-premise storage and onto the cloud, CIOs can share information about how they can streamline cloud storage deployment. Likewise, if a CFO sees a new cloud option as too costly, it is up to the CIO to illustrate how these solutions actually have lower fixed costs and will result in substantial savings over time as compared to on-premise systems. To dispel security myths, CIOs can help business leaders understand that the security of data on the cloud has matured drastically and is often even more secure than on-premise solutions. Geodistributed data and various layers of encryption not only protect an enterprise’s data on the cloud, but they also address another top C-suite concern by complying with regulations

3. Proactively seek new cloud solutions

 Some CEOs that already understand the financial benefits of the cloud are forcing CIOs to adopt cloud technology to cut storage costs. But by the time a CEO asks the CIO to adopt cloud technology, their IT team is likely already behind the trend. 

In one instance we’ve seen, a customer’s CIO lost his job as a result of waiting too long to adopt cloud technology. Their company saw their expenses decrease tenfold and saved millions of dollars each year by shifting to the cloud, which led them to wonder why their CIO hadn’t acted sooner. Instead of just considering themselves Chief Information Officers, CIOs need to be Cloud Information Officers in the sense that they must constantly be on the lookout for cost-saving, secure cloud options.

By actively presenting C-suite executives with cost-saving solutions, IT leaders become sources of company-wide innovation initiatives, rather than just technology fix-it centers. Though many business leaders are understandable hesitant to put their eggs in one basket by investing in cloud technology, it is the CIO’s responsibility to explain how it will benefit the company in the long-run. When CIOs are well educated on the different types of cloud systems that are out there as well as the benefits they offer their specific enterprises, C-suite executives will begin to see the IT department as a value generator and innovation enabler.

How to maintain security and compliance when moving financial and health records to a new cloud environment

Regardless of industry, today’s organizations can’t help but be drawn to the cloud’s ability to lower capital expenditures. But compliance in the cloud is a whole different ball game and for financial firms and educational institutions with sensitive data like health records and credit card information, risking compliance and security in the name of budget isn’t an option.

Yet when push comes to shove, many organizations are fixated with the money-saving opportunity and move their sensitive student and patient data to the cloud – overlooking compliance risks. The minute data leaves their facilities, IT loses any means of “touching” the data, making it incredibly challenging to maintain compliance.

Similar to large and medium size enterprises, financial firms and educational institutions house an immense amount of sensitive data. And naturally, these organizations have more rules and regulations to abide by when it comes to securing, storing and accessing such data. IT must be able to explain where the data is located, how it’s protected and who can access it in order to prove compliance.

Before moving educational and financial data to the cloud, educational and financial IT managers must check the following boxes to lay the foundation for a compliant transition:

Select a vendor that meets your specific regulation needs

Look for a vendor or cloud service provider (CSP) designed to meet the level of security and compliance specific to your organization’s industry. Financial institutions have more compliance regulations to uphold than the traditional educational institution. Specifically, financial firms need a vendor that is equipped to support the following requirements:

  • PCI DSS (Payment Card Industry Data Security Standard)
  • SOX (Sarbanes-Oxley Act)
  • GLBA (Gramm-Leach-Bliley Act)
  • PHIPA (Personal Health Information Protection Act)

Educational institutions like colleges and universities need a vendor that can similarly maintain compliance for the storing of a less robust level of payment information, with the addition of health record data. Look for a vendor that can meet both:

  • PCI DSS and
  • HIPAA (Health Insurance Portability and Accountability Act)
  • PHIPA (Personal Health Information Protection Act)

Know where your data will live and who can access it

Part of proving compliance is being able to show where data is stored and who within the organization can access it. IT managers need to be able to report this information at any given time, which requires a higher level of control. Look for a solution that monitors who’s touching the data, gives IT managers control over who has access and can produce a history report in the case of a disaster.

Make sure data is fully encrypted before, after and during the migration process.

To stay compliant, sensitive data held by financial and educational institutions calls for the highest level of security. Look for a solution that will not only encrypt the data before migrating to the cloud, but one that will keep it encrypted unless accessed by an authorized user. There can’t be any risk of ransomware tapping into the data at any point in the process. Storing data across many storage devices will make it harder for cybercriminals to put all the pieces together to gain the full original file. However, the more storage devices, the more monitoring and management required. This shouldn’t be a deal breaker, you just need to make sure that level of control and accessibility is in place to ensure IT managers can keep all the organization’s data in line.  

Organizations shouldn’t have to choose between compliance and lowering capital expenditures. They can, and should, do both. Leonovus’ software-defined object storage solution (SDOSS) eliminates the fear of risking compliance when moving to the cloud. It gives financial and educational institutions the comfort of knowing exactly where their data is located within their respective hybrid, multi-cloud or on-premise environments. When this quality is paired with Leonovus’ unique erasure coding, over four levels of military encryption and reporting tools, IT departments can easily report on the security and access history of the data to regulating groups like the PCI Security Standards Council.

Leonovus software defined object storage – deployment at a glance

  • Description – Software defined object storage solution.
  • Managed Storage Capacity – Terabytes to Exabytes and beyond.
  • Number of Users – Unlimited
  • Supported Storage Vendors – Runs on any industry standard server hardware.
  • Storage Network Topology – On-premises, hybrid cloud or multi-cloud.
  • Cloud Standards – Amazon, Oracle, OpenStack plus Custom.
  • Agility and Interoperability – Hardware and operating system agnostic.
  • Evergreen – Legacy storage hardware and operating systems fully supported.
  • Data Recovery – Touchless auto-recovery from lost data or damaged drives.
  • Security – Multilayer encryption with transparent recovery from bit decay
  • Storage Management – Dynamic allocation and auto archiving to storage nodes.
  • Erasure Coding – User controlled storage configuration and data recovery probabilities.
  • Data Management Systems – Seamlessly connect to Commvault, Cloudberry and many more
    via standard API’s.
  • Speed – Archival storage access at nearline speeds. Nearline storage access at realtime speeds.
  • Business Continuity – Fastest recovery with higher probability of successful data reconstitution.
  • Standards – Open standards based for both hardware and software including Amazon Glacier, S3, HTTPS, Swift and others