Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud with the eperi Gateway, which encrypts end-to-end.
Attacks on company cloud environments are now commonplace. Only now has user data been stolen again in a cyber attack and offered on the Darknet - this time affecting 15 million Trello users. The problems associated with such data loss would not be so dramatic if this data were encrypted so that no one could do anything with it. A rethink in how we deal with cloud data is therefore more than overdue.
Consistent encryption instead of perimeter security
While many companies protect and protect their data with classic security tools, the cloud has its own pitfalls. First, there is often confusion about who is responsible for data protection in the cloud, even though it is in fact the company that uses the cloud services. Secondly, data protection is often only applied to the data in the cloud, but not on the way there. Third, configuring cloud services can be very complex.
Companies that consistently encrypt their data end-to-end with the eperi Gateway have the certainty that nothing can happen to the data in the cloud or on the way there. eperi also offers such encryption for Trello with its REST protection proxy. This cannot prevent data theft, but it makes it useless.
Aspects that companies should pay attention to for effective data encryption in the cloud
1. End-to-end encryption
Companies should ensure that all data is end-to-end encrypted. The eperi Gateway ensures that the data is encrypted not only in the cloud, but also on the way. This guarantees that clear data is never available outside the company.
2. Compatibility with the IT environment
In order to ensure consistent security for data in the cloud, it is crucial that an encryption technology is independent and therefore compatible with any existing IT infrastructure and application environment. With the eperi Gateway, companies ensure that applications such as SharePoint, Office 365 or ERP/CRM solutions do not require exceptions where data enters the cloud unencrypted.
3. Unrestricted usability of the data
Pure data encryption inevitably limits the usability of the data, for example when searching for specific values and content. The eperi Gateway not only encrypts the data, it also creates an index. This pseudonymization prevents clear data from falling into unauthorized hands, but still allows important search functions.
4. Low complexity
While many classic security solutions continually put a strain on administrators' resources, encryption technology for the cloud must run unobtrusively in the background. The eperi gateway is usually set up and operated in companies as an uncomplicated proxy. Companies that also want to save resources can have the gateway provided completely as a service by a specialized IT service provider.
5. Encryption for multi- and hybrid cloud
Encryption technologies are usually designed specifically for a dedicated cloud service. The fact is, however, that companies often use various cloud services from different providers. In order not to increase complexity and administration, companies should ensure that the cloud encryption solution can serve all scenarios. Thanks to the patented template concept, the eperi Gateway can be used for all cloud applications and can be flexibly adapted to data protection regulations.
More at Eperi.com
About eperi With the eperi solution, our customers benefit from all the advantages of cloud use, such as efficient company-wide collaboration, while remaining legally secure in accordance with global data protection laws. We hold multiple international patents for our innovative multi-cloud technology, which provides unrivaled data protection for SaaS applications, custom applications and files. Our customers retain sole control over all sensitive data because no unencrypted data is sent to the cloud. We enable the cloud – simple, secure, individual, GDPR-compliant.