Aviva Zacks of Safety Detectives got the chance to chat with Satish Ramakrishnan, Senior Executive of MinIO. She asked him about his company’s Object Store.
Safety Detectives: What motivated you to have security be a foundational aspect of your career?
Satish Ramakrishnan: Cybersecurity is about one thing: protecting data. I’ve been in the data space since 1989 when I started writing BIOS, firmware, and drivers for SCSI Drives. It is not possible to be in this space and not have security as a fundamental tenet in my career. It helps that I find the dynamic nature of the challenge immensely interesting.
SD: What do you love about working in cybersecurity?
SR: The real beauty of cybersecurity is how vast it is and how much it encompasses. It is never possible to say that you know everything – there is always something new to learn. Whether it be the technology, the people, the processes, the governance there are so many different facets to the problem.
I also love the customer component. They have to be at the center of the equation. Assuming liability for a customer’s data on your product is really one of the biggest risks you can take. However, it also tells the customer that you are looking out for them and have skin in the game too.
SD: What is your company’s flagship product?
SR: Our flagship product is the MinIO Object Store. While the development community knows us for our multi-cloud attributes and scalability, we are the go-to for secdevops types based on our security architecture and performance optimizations.
MinIO encrypts data both in-flight and at rest. MinIO supports state-of-the-art encryption schemes to deliver granular, object-level encryption using modern, industry-standard encryption algorithms, such as AES-256-GCM and ChaCha20-Poly1305. MinIO is fully compatible with S3 encryption semantics, and also extends S3 by including support for non-AWS key management services, such as Hashicorp Vault, Gemalto KeySecure, and Google Secrets Manager.
MinIO’s object storage retention and data immutability are validated for SEC Rule 17a-4(f), FINRA Rule 4511, and CFTC Regulation 1.31. Rule 17a-4 has specific requirements for electronic data storage, including many aspects of record management, such as the duration, format, quality, availability, and accountability of broker-dealer record retention.
The same mechanisms that enable MinIO to store data in a tamper-proof manner make MinIO a ransomware-resistant endpoint for your backups.
SD: In a world filled with cybersecurity companies, what makes you different?
SR: Well for one, we are not a cybersecurity company in the traditional sense. However, as a high-performance object store, we are used by almost every large cybersecurity company in the market as part of their software stack. The reasons are straightforward, they can run high-speed queries against massive datasets stored in MinIO. They know that their data, whether it be log files or PII, will be safe. They know that any S3 compatible application (that is to say most every modern application) will be able to run against it. They know that it doesn’t matter where the data resides – at the edge, in a colo, in the private cloud, in the public cloud, or in an air-gapped on-prem environment, that MinIO will work under those conditions.
With that comfort, they depend on MinIO for everything from R&D to production. No other object store supports more cybersecurity companies across more endpoint types (public, private, edge clouds) than MinIO. That’s what makes us different.
SD: What is the least appreciated part of the cybersecurity stack?
SR: The vast majority of the effort in cyber is focused on building out the “vault” and the managing and protecting of the access points. Not enough attention is paid to the inside of the vault. This is what protects the data and it serves as a “last line of defense” in many cases. The more secure the datastore, the better the overall security architecture and the smaller the attack surface.
Data, however, must still be available, and to multiple applications. That is why MinIO built its own Key Encryption Service (KES). Stateless, this distributed key-management system works for high-performance applications by bypassing the bottlenecked KMS. This can be deployed on a per application basis and was designed for high throughput workloads. a stateless and distributed key-management system for high-performance applications.
SD: How are AI and ML impacting cybersecurity today?
SR: AI and ML are completely changing how cybersecurity is evolving. With the advent of Big Data and the ability for storing petabytes of data with high-throughput, AI and ML tools allow for deep analysis and proactive remediation. The key, however, is to have a data store that is not only able to deliver performance – but to deliver performance at scale. This is what distinguishes legacy storage from modern, high-performance object storage. This is why almost every major AI/ML framework is “object storage first.”