Cloud Data Protection Done Right: When Bringing Your Own Key Just Isn’t Enough
- LANGUAGE: English DATE: Thursday, April 12, 2018 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
As companies continue to expand their adoption of cloud services for such benefits as improved flexibility and scalability, reduced time to market, and cost savings, protecting their sensitive data across a large number of SaaS platforms is becoming increasingly complicated. For heavily regulated industries, security and data protection have been the largest barriers to cloud adoption for years, but with the upcoming General Data Protection Regulation (GDPR)’s significantly tightened compliance controls and massive penalties for violations, protecting sensitive data in the cloud is becoming mandatory for every organization.
Data encryption is undoubtedly the most popular technology for securing data in the cloud, but also one of the most misunderstood ones. Although most cloud service providers offer their own capabilities for encrypting data at rest or in transit, their implementations may vary dramatically in scope and quality. Without understanding of underlying principles, it is too difficult for most customers to see behind marketing buzzwords and to estimate what grade of security they are actually getting. Protecting your data from unauthorized access isn’t even your cloud provider’s legal responsibility – you are still fully responsible for all consequences of any data breach.
Although many SaaS vendors will gladly offer you to handle all your encryption needs and even let you manage your own encryption keys with absolute security, the bitter truth is that anyone that has access to your keys can potentially access your data – and that includes external administrators and overly curious intelligence agencies. Only by taking the matters in your own hands and establishing a holistic data encryption platform you are able to be absolutely sure that your data remains safe and compliant with the most stringent industry regulations. You stay in control of your data!
Join this KuppingerCole webinar and learn:
- Why not all encryption solutions are equally secure and how to see beyond marketing buzzwords;
- What operational, security and compliance challenges businesses face when dealing with cloud data encryption;
- Reaping the benefits of third generation encryption solutions and overcoming their traditional drawbacks;
- Keeping your cryptographic keys safe, your data secured and your auditors happy with a transparent end-to-end encryption gateway.
In the first part of the webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will talk about the challenges businesses are facing when moving their sensitive data into the cloud and explain why data encryption and tokenization are the most effective measures they can take to protect sensitive data in cloud environments. Finally, he will outline the ideal requirements an encryption solution must meet to ensure strong protection and full compliance for sensitive data in the cloud.
In the second part, Elmar Eperiesi-Beck, CEO & Founder of eperi GmbH, will share his decades-long experience in data tokenization, encryption and key management and will demonstrate how transparent encryption gateways can solve many problems traditionally associated with end-to-end encryption and demonstrate once again that security vs. convenience does not have to be a dichotomy.
eperi GmbH is a leading provider of Cloud Data Protection (CDP) solutions with several hundred customers addressing data security, compliance and data control use cases for custom applications and leading SaaS applications such as Office 365, Salesforce, ServiceNow, Custom Apps and others. eperi enables cloud usage while maintaining data compliance requirements, such as GDPR, PCI/DSS or HiPPA, and protects sensitive data from unauthorized access by encrypting all critical data proactively before it is transferred to the cloud.
eperi CDP solutions are software based solutions that can be used as on-premises gateway solutions under the full control of the enterprise, or are available through MSSP (Managed Service Security Partners) such as IBM, T-Systems and others. The eperi CDP solutions are unique in offering the broadest and deepest supports for cloud SaaS, applications, databases and files and are designed with a powerful template concept to support hundreds of different cloud SaaS applications.
There is growing interest in deception as a methodology and as an integral part of cybersecurity architecture, as organizations seek more effective approaches for detecting and responding to threats in real time. Distributed Deception Platforms have made this approach practical and affordable for the first time, but choosing the right solution can be challenging.