By Adam Gardner, Head of Products @NEXTDC
Securing the Future: Navigating Quantum Computing and Data Security
Introduction
"Harvest now – Decrypt later". These words should keep you up at night unless you have a comprehensive strategy in place to mitigate the risk to your organization. Especially in the AI era, where huge volumes of data are aggregated to extract business value. Why? Because cybercriminals and bad actors may have considerably better tools to compromise your data sooner than you think.
Understanding Harvest now – Decrypt later (HNDL)
Harvest now – Decrypt later (HNDL) describes a strategy where bad actors steal encrypted data, even if they know they won’t be able to decrypt it immediately. Then they set it aside with the expectation they’ll be able to crack the key in the future. Or they sell it to someone else via the dark web, who also sets it aside. Either way, the data is out there. It’s in the wrong hands and it isn’t coming back.
Today, that’s a major concern, but not catastrophic as your data is encrypted. You encrypted all your data, right? If not, it is catastrophic. But let’s assume you’ve encrypted the data. The largest impact is likely the lost confidence your customers and potential customers have in your organization. In itself, this is serious, but the damage, per se, is restricted to your company as the data is encrypted.
Quantum Leap for Risk
HNDL is particularly concerning because of ongoing developments in quantum computing. Traditionally data in computers fundamentally can be reduced ultimately to a 1 or a 0. However, quantum computing enables the machine to compute these as a 1 and a 0 at the same time. If you multiply this capability by the full power of the machine, performance improvements are astronomical.
In 2019, Google announced Sycamore – a 54 qubit quantum computer and tasked it with a problem that would take the world’s fastest supercomputer 10,000 years. Sycamore performed the computation in 200 seconds! IBM have since announced increased performance with systems such as the 133 qubit Heron quantum processor. And like any technology, there’s no signs of these advances slowing down anytime soon.
Which is great news for geeks like me – however it’s also great news for cyber criminals, who are already stealing data that is 128-bit or 256-bit encrypted. Even though they can’t decrypt it using today’s “brute force” hacking techniques, they’re putting it on ice to be decrypted and monetised or weaponised tomorrow.
Isn't Encryption Enough
Best practice cyber security can be complex and expensive. Some organisations are focusing on a strategy that centred on double- or triple-encrypted data, perhaps neglecting other aspects of a more rounded security strategy. They take comfort in the notion that if a data breach occurs, the data remains secure as it’s still impractical for it to be decrypted.
Is this flawed thinking? Yes – if it’s the only strategy in place. Quantum computers are designed to solve very complex problems very quickly. This includes mathematical problems, such as those used in gold-standard 256-bit encryption methods. These developments are happening very quickly, and in the not-too-distant future (probably within the next five years or so3) we can expect quantum computing to advance to a stage where it can routinely decrypt today’s gold-standard encryption methods.
When it comes to feeling queasy about quantum computing and HNDL, I’m far from alone. A new survey of IT leaders in Asia-Pacific found that 61% of respondents are concerned that their organisations will not be prepared to address the security implications of the post-quantum computing world. Unfortunately, only one in five respondents have a strategy to manage it, though thankfully a further one in three say they will have a plan in place within six months.
So, what else should you do to further reinforce the protection of your organisation’s sensitive data?
Act Today to Safeguard Tomorrow
The key message here is not one of imminent doom and despair. Nor is it that you should stop encrypting your data. It's about taking a belts and braces approach. By making smarter decisions about your digital infrastructure today, you can turn it into a long-term asset for your organization, rather than a future liability.
Looking ahead over the AI and quantum computing horizon, to protect against looming threats is vital. A balanced all-hazards security strategy is non-negotiable, with robust measures in place to manage cyber, people, supply chain and physical risk. Data sovereignty considerations are also important – that is, ensuring that Australian data resides in Australia, and is subject to local laws and regulations.
Connect Directly to Reduce Risk
A critical element to this strategy involves interconnectivity, in particular, how your data is being shared between the various clouds, systems and other workloads that make up your network. Rather than accessing each of these via the public internet – which is where a great deal of the risk lies – it makes more sense to interconnect them directly.
If your data centre offers access to a secure and sovereign partner ecosystem – one that is certified for security and resilience at the highest level – you can directly access the leading cloud services and local providers. Using secure, Layer 2 interconnectivity platforms like AXON to facilitate direct virtual connections allows for reduced exposure to the internet and often doing so at a lower overall cost after considering data transfer fees. With the right interconnectivity strategy there’s far less exposure, which in turn means there’s far less risk of your data being harvested now and decrypted later.
Why Choose NEXTDC for Your Data Centre Needs?
Dynamic Partner Ecosystem:
Leverage Australia's most extensive partner ecosystem with a community of 750+ partners to enable more connections with carriers, cloud providers, and IT service providers.
Hybrid Cloud Experience:
Empowering customers to leverage cloud first strategies and optimise multi-cloud deployments to scale mission critical IT infrastructure.
AI, High-Performance Computing and Edge Design:
NEXTDC is at the forefront of supporting Edge computing and High-Performance Compute (HPC) requirements, providing customised solutions to accelerate your AI journey.
100% Uptime:
The only data centre operator in the southern hemisphere with Tier IV Gold certification for Operational Sustainability, NEXTDC guarantees zero downtime for reliability and performance.
Data Centre Interconnectivity:
Secure, private, and direct access to Australia’s most connected range of global cloud providers, integrated with a nationwide network of data centre facilities.
World Class Design and Operations:
Internationally recognised for designing, constructing, and operating Australia’s market leading Tier IV facilities, certified by globally renowned Uptime Institute.
Sustainability Driven:
Demonstrating a commitment to sustainability, NEXTDC prioritises renewable energy sources, achieving leading standards such as 5-star NABERS energy efficiency ratings and TRUE certification.
DTA Certification for Government Agencies:
NEXTDC is certified by Australia’s Digital Transformation Agency (DTA), to ensure compliant and sovereign critical infrastructure choice for government at all levels.
Industry Recognition:
NEXTDC, a listed company on the ASX 100, stands out with industry peer awards as the region's most innovative and customer focused data centre provider.
Carbon Neutral Operations:
NEXTDC's corporate operations are certified carbon neutral under the Australian Government’s Climate Active Carbon Neutral Standard.
Efficiency and Cost Management:
Engineered for outstanding energy efficiency, NEXTDC data centres deliver industry-leading benchmarks for minimising operational cost and total cost of ownership.