Blog

Securing the Emerging Innovation of the Distributed Cloud – Protecting the Data

Written by Sam Armstrong | 28 Oct, 2021

By Bob Michaud, Chief Security Officer, Q2

October is Cybersecurity Awareness Month, and Q2 is a Cybersecurity Awareness Champion. This year, my blogs focused on Q2’s efforts to secure the emerging innovation of the distributed cloud. In this last blog in the series, I will discuss the data and how Q2 has adopted advanced technologies to protect it.

Q2 has always been an innovative thought leader in security and security advancements. Security is at the core of our success. Q2 Trustview, powered by our partnership with ALTR, applies the last line of defense in Q2’s zero-trust strategy. By removing the actual data from the application layer, Q2 has dramatically reduced the risk of security and privacy breaches.

This week, I asked Q2’s Senior Director of Data Center Operations, Albert Holscher, to describe what protecting the data means in our distributed cloud model. Albert explained an essential piece of this model involves using the data as the actual security play in which this final piece acts as the fail-safe to all the other layers around it. The data itself is now part of the security posture through the sophisticated use of tokenization, encoding, and blockchain technology.

I asked Albert what advantage this provides our customers. He explained that leveraging the strengths of the distributed cloud for dispersed service delivery means we also must protect the data spanning this broad environment. Launched in 2019, Q2 Trustview removes all sensitive data from our environments through encoding and tokenization. The sensitive data is replaced with tokens in the application databases. The source data is randomly encoded at runtime in three different points, fragmented, and scattered across multiple private blockchains. This means no sensitive data can be found within our environments; it’s reassembled at runtime, returned to the application in memory, and never stored. This helps protect us from intrusion or from insider misuse – where the data, even if it is protected with encryption, could be accessed and removed. Q2 Trustview is being rolled out across Q2’s product lines in various stages over two years. It’s in production in our PCI environments, under development for Banking-as a Service, in planning for ClickSWITCH and Centrix, and is expanding into limited-release in the Q2 Online Banking Platform.

26 ALTR patents protect Q2 Trustview. It gives Q2 unprecedented levels of visibility into who accessed what data and then offers next-level protection by simply not storing the actual sensitive data itself. Q2 teams are working to surface more visibility of this excellent protection into our new back-office Q2 Console solution.  Winning the 2020 CSO50 Award illustrates how the security industry has recognized the unique value this innovation brings.

In closing, my blog series for October’s Cybersecurity Awareness Month allowed me to discuss Q2’s distributed cloud with Lou Senko, Jordan Hager, and Albert Hoelscher. I’d like to thank them for enlightening us about the far-reaching benefits of the distributed cloud. They create a foundation Q2 can build upon without fear that the security layers are simply covering issues or that we’re always just one failure of a layer away from a disaster. The distributed cloud offers Q2’s customers a leap ahead in the innovation foundation as more of the ecosystem leans in to extend the services and leverage the platform. 

Thank you for reading this year’s Cybersecurity Awareness Month blog series!