Data encryption: More security on cloud platforms

March 20, 2024
| No comments
Data encryption: More security on cloud platforms
Advertising

Share post

Online platforms are often the target of cyberattacks, such as Trello recently. 5 tips ensure more effective data encryption in the cloud with the eperi Gateway, which encrypts end-to-end.

Attacks on company cloud environments are now commonplace. Only now has user data been stolen again in a cyber attack and offered on the Darknet - this time affecting 15 million Trello users. The problems associated with such data loss would not be so dramatic if this data were encrypted so that no one could do anything with it. A rethink in how we deal with cloud data is therefore more than overdue.

Advertising

Consistent encryption instead of perimeter security

While many companies protect and protect their data with classic security tools, the cloud has its own pitfalls. First, there is often confusion about who is responsible for data protection in the cloud, even though it is in fact the company that uses the cloud services. Secondly, data protection is often only applied to the data in the cloud, but not on the way there. Third, configuring cloud services can be very complex.

Companies that consistently encrypt their data end-to-end with the eperi Gateway have the certainty that nothing can happen to the data in the cloud or on the way there. eperi also offers such encryption for Trello with its REST protection proxy. This cannot prevent data theft, but it makes it useless.

Advertising

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Aspects that companies should pay attention to for effective data encryption in the cloud

1. End-to-end encryption

Companies should ensure that all data is end-to-end encrypted. The eperi Gateway ensures that the data is encrypted not only in the cloud, but also on the way. This guarantees that clear data is never available outside the company.

2. Compatibility with the IT environment

In order to ensure consistent security for data in the cloud, it is crucial that an encryption technology is independent and therefore compatible with any existing IT infrastructure and application environment. With the eperi Gateway, companies ensure that applications such as SharePoint, Office 365 or ERP/CRM solutions do not require exceptions where data enters the cloud unencrypted.

3. Unrestricted usability of the data

Pure data encryption inevitably limits the usability of the data, for example when searching for specific values ​​and content. The eperi Gateway not only encrypts the data, it also creates an index. This pseudonymization prevents clear data from falling into unauthorized hands, but still allows important search functions.

4. Low complexity

While many classic security solutions continually put a strain on administrators' resources, encryption technology for the cloud must run unobtrusively in the background. The eperi gateway is usually set up and operated in companies as an uncomplicated proxy. Companies that also want to save resources can have the gateway provided completely as a service by a specialized IT service provider.

5. Encryption for multi- and hybrid cloud

Encryption technologies are usually designed specifically for a dedicated cloud service. The fact is, however, that companies often use various cloud services from different providers. In order not to increase complexity and administration, companies should ensure that the cloud encryption solution can serve all scenarios. Thanks to the patented template concept, the eperi Gateway can be used for all cloud applications and can be flexibly adapted to data protection regulations.

More at Eperi.com

 

About eperi

With the eperi solution, our customers benefit from all the advantages of cloud use, such as efficient company-wide collaboration, while remaining legally secure in accordance with global data protection laws. We hold multiple international patents for our innovative multi-cloud technology, which provides unrivaled data protection for SaaS applications, custom applications and files. Our customers retain sole control over all sensitive data because no unencrypted data is sent to the cloud. We enable the cloud – simple, secure, individual, GDPR-compliant.

 

Matching articles on the topic

Majority of security experts consider cyber immunity to be effective

A recent survey of cybersecurity experts in companies in Germany shows a clear need for cybersecurity strategies that go beyond traditional solutions. ➡ Read more

Attacks on the water supply

Water is one of the most valuable resources as the basis of all life. It is therefore no wonder that water supply is increasingly becoming a goal ➡ Read more

PHASR proactively strengthens endpoint security

An industry-first endpoint security solution that hardens endpoints dynamically and tailored to each user: Bitdefender's PHASR. This ensures that security configurations ➡ Read more

Using exposure management against ransomware

A leading IT security company has published its latest cybersecurity report. Only a quarter of German security experts are optimally prepared for ransomware attacks. ➡ Read more

Sophisticated Phishing-as-a-Service (PhaaS) platform

Security researchers have uncovered a sophisticated Phishing-as-a-Service (PhaaS) platform that poses a serious threat to organizations around the world. The threat actor ➡ Read more

PDFs: The Trojan Horses of Hackers

Cybercriminals are increasingly using the popular PDF file format to hide malicious code. Recent IT forensics findings underscore this: 68 ➡ Read more

Maximum IT security for OT systems

OT systems are rarely attacked directly. However, gaps and vulnerabilities in traditional IT make OT systems more vulnerable to attacks. ➡ Read more

IT resilience: cybersecurity at the storage level

More data security features for greater IT resilience at the storage level: Cyber ​​security managers can pursue a proactive data security approach at the storage level with highly secure NetApp storage and thus ➡ Read more

PR News
, , , , , ,