Single Blog

Interview with Niall Browne, SVP Trust & Security, CISO, DOMO: Bring Your Own Key Keeps Data Safe & Secure in the Cloud

During the recent PluralsightLIVE conference in Salt Lake City, Utah, organised by Pluralsight Inc.,  I had the opportunity of speaking with Niall Browne, SVP Trust and Security, CISO, Domo.

Domo brings together data, systems, and people for a digitally connected business.

As more and more enterprises ‘do business’ and store their data in the cloud the question of ownership, management and the security of this data becomes a top priority. Regularly we hear of breaches of security, cyber-attacks and hackers accessing and compromising this data. I wanted to know how Domo was addressing these problems and the solutions that they’ve put in place.

Domo believes that customers should own their own data and have the ability to fully manage it in the cloud. Niall Browne reiterated that customers should have the power to fully own, control and manage their data. However, he explained that this is currently not the case with most conventional cloud providers.

“Enterprise customer’s number one security request is to manage their own encryption keys. I would certainly say over the last two or three years it’s the number one request we’re getting from them.”

Currently conventional cloud providers will take the data and store it in their systems. They have the encryption key to manage, and control it which means enterprises need to trust that they have a safe and secure solution. Niall added:

“An analogy would be that somebody, a third party has the key to your front door. They can come and go as much as they want and you don’t have that key. So that model has always created a certain amount of distrust when moving data to the cloud when a third party is managing it.”

What’s Domo’s solution to ensure enterprises have ownership and control over their data?

“Domo’s solution is the Bring Your Own Key (BYOK) model. This allows the customer to always be in control of their data, no matter where it lives. The customer owns and manages their own key from their own environment 24/7.

At any time they’ve got the ability to encrypt or decrypt data. They’ve also got the ability to revoke their key.”

This is part of Domo’s Trust Programme which has the most robust security tools available today. The programme has been created for customers in highly regulated industries, such as financial services, government, healthcare, energy and technology and sets a new standard for enterprise security and compliance.

What is BYOK?

Domo BYOK gives customers complete control of the encryption keys for their Domo instance, allowing them to verify that their data is kept private at all times. In addition, Domo BYOK revolutionizes traditional security solutions with unique capabilities including rolling generation of data encryption keys and a built-in kill switch. Customers can revoke the encryption key at any time, nullifying all their data in Domo, and ensuring that no one will have access to their sensitive customer data.

BYOK has 3 different components:

1. Key Management:

This involves the rotation of the encryption keys every hour. This equates to 8,760 rotating encrypting keys annually, per customer. This is exponentially stronger than the cloud industry standard of only rotating encryption keys every one to two years.

2. Kill Switch:

A kill switch is built directly into the Domo user interface, so when time is of the essence, there is no need to contact Domo. Two authorized administrators can execute the kill switch by logging into their instance separately, activating the kill switch, and rendering data in caches and indexes unusable in seconds. No other cloud provider offers a kill switch feature that allows customers to remotely delete their sensitive customer data in caches and indexes in the cloud.

3. Activity Logs:

Domo automatically logs (records) all activity within a customer’s instance, allowing administrators to see in real-time who accesses their data, and how. In addition, if a customer chooses to revoke their encryption keys and execute the kill switch, these events are also logged—giving the organization immediate confirmation that their data is no longer accessible.


Is Domo the first organization to provide BYOK and a data kill switch solution?

“Yes, we’re first to create BYOK for Big Data and our kill switch which enables customers to remotely delete all caches in the cloud, is unique. There’s no other cloud provider out there that has that ability to execute a kill switch under BYOK, which is very powerful. There’s no other provider that I am aware of that allows you to rotate an encryption key on the hour every hour using BYOK.”

It’s very reassuring to know that Domo has created and is providing this BYOK solution for highly regulated industries which safeguards their and our data in the cloud.

About Domo
Domo helps all employees – from the CEO to the front-line worker – optimize business performance by connecting them to the right data and people they need to improve business results. Domo’s Business Cloud is the world’s first customizable platform that enables decision makers to identify and act on strategic opportunities in real time. The company works with the world’s leading and most progressive brands across multiple industries including retail, media and entertainment, manufacturing, finance and more. For more information, visit You can also follow Domo on TwitterFacebookLinkedInGoogle+Instagram and Pinterest.




Comments (0)