Cloud Data Protection Done Right: When Bringing Your Own Key Just Isn’t Enough
- LANGUAGE: English DATE: Thursday, April 12, 2018 TIME: 4:00pm CEST, 10:00am EDT, 7:00am PDT
As companies continue to expand their adoption of cloud services for such benefits as improved flexibility and scalability, reduced time to market, and cost savings, protecting their sensitive data across a large number of SaaS platforms is becoming increasingly complicated. For heavily regulated industries, security and data protection have been the largest barriers to cloud adoption for years, but with the upcoming General Data Protection Regulation (GDPR)’s significantly tightened compliance controls and massive penalties for violations, protecting sensitive data in the cloud is becoming mandatory for every organization.
Data encryption is undoubtedly the most popular technology for securing data in the cloud, but also one of the most misunderstood ones. Although most cloud service providers offer their own capabilities for encrypting data at rest or in transit, their implementations may vary dramatically in scope and quality. Without understanding of underlying principles, it is too difficult for most customers to see behind marketing buzzwords and to estimate what grade of security they are actually getting. Protecting your data from unauthorized access isn’t even your cloud provider’s legal responsibility – you are still fully responsible for all consequences of any data breach.
Although many SaaS vendors will gladly offer you to handle all your encryption needs and even let you manage your own encryption keys with absolute security, the bitter truth is that anyone that has access to your keys can potentially access your data – and that includes external administrators and overly curious intelligence agencies. Only by taking the matters in your own hands and establishing a holistic data encryption platform you are able to be absolutely sure that your data remains safe and compliant with the most stringent industry regulations. You stay in control of your data!
Join this KuppingerCole webinar and learn:
- Why not all encryption solutions are equally secure and how to see beyond marketing buzzwords;
- What operational, security and compliance challenges businesses face when dealing with cloud data encryption;
- Reaping the benefits of third generation encryption solutions and overcoming their traditional drawbacks;
- Keeping your cryptographic keys safe, your data secured and your auditors happy with a transparent end-to-end encryption gateway.
In the first part of the webinar, Alexei Balaganski, Lead Analyst at KuppingerCole, will talk about the challenges businesses are facing when moving their sensitive data into the cloud and explain why data encryption and tokenization are the most effective measures they can take to protect sensitive data in cloud environments. Finally, he will outline the ideal requirements an encryption solution must meet to ensure strong protection and full compliance for sensitive data in the cloud.
In the second part, Elmar Eperiesi-Beck, CEO & Founder of eperi GmbH, will share his decades-long experience in data tokenization, encryption and key management and will demonstrate how transparent encryption gateways can solve many problems traditionally associated with end-to-end encryption and demonstrate once again that security vs. convenience does not have to be a dichotomy.
eperi GmbH is a leading provider of Cloud Data Protection (CDP) solutions with several hundred customers addressing data security, compliance and data control use cases for custom applications and leading SaaS applications such as Office 365, Salesforce, ServiceNow, Custom Apps and others. eperi enables cloud usage while maintaining data compliance requirements, such as GDPR, PCI/DSS or HiPPA, and protects sensitive data from unauthorized access by encrypting all critical data proactively before it is transferred to the cloud.
eperi CDP solutions are software based solutions that can be used as on-premises gateway solutions under the full control of the enterprise, or are available through MSSP (Managed Service Security Partners) such as IBM, T-Systems and others. The eperi CDP solutions are unique in offering the broadest and deepest supports for cloud SaaS, applications, databases and files and are designed with a powerful template concept to support hundreds of different cloud SaaS applications.
Organizations or institutions that are essential for the public are called Critical Infrastructures (KRITIS = “Kritische Infrastrukturen”). As such, they are subject to comprehensive and strict legal regimes consisting of laws and regulations.
Come to the place where the Digital Transformation is happening. The European Identity & Cloud Conference, held from May 12-15, 2020, offers a mixture of best practice discussions, visionary presentations, and networking opportunities with a future-oriented community. More than 800 thought leaders, leading vendors, analysts, executives, and end-users get together in Munich to be inspired by a list of world-class speakers.
KuppingerCole analysts build upon competencies from comprehensive research, experience from highly topical PAM advisory projects and systematically expanded and advanced best practices. Our analysts and advisors offer a one-of-a-kind, multi-channel approach to modern knowledge transfer: the KuppingerCole Master Class Privileged Access Management. Webinars and webcasts, up-to-date research documents, an all-day classroom workshop with final exam and certification of the acquired skills lay the foundation for establishing the necessary technical and methodological knowledge in your own organization.