Cloud Services Facing the Need For Encryption

Essential: Data Protection-Compliant Encryption

The DSGVO and other legal regulations are increasingly requiring users to handle sensitive and personal data as carefully as possible. This also applies to cloud data storage and its applications like Office 365, Salesforce and Co.

Here, too, companies must be able to ensure and prove that they can permanently and verifiably control personal and business-critical data in particular. An important aspect here is an encryption technology in which only the cloud user can access all keys, not even the cloud provider itself.

Furthermore, data encryption should not affect the way users work with the cloud application. But in some cases this is an obstacle that many companies and cloud providers find difficult to overcome.

Additional Task: Multi-Cloud Environments

In addition, vendors such as SAP, Salesforce, Microsoft, and other cloud service providers are increasingly facing a major challenge: the centralization of IT security solutions in hybrid and multi-cloud environments. More and more companies want to dismantle existing IT security silos and create a central platform to better manage current cyber risks.

The different encryption techniques of cloud providers turn out to be a real dilemma, because if everyone makes his data illegible with his own technology, how is central cloud data protection for a multi-cloud environment supposed to function reliably?

This is where the Eperi gateway platform comes in, which can do just that: Encrypt and pseudonymize data across multiple cloud applications on a central encryption platform.

Stop: Don’t Salesforce & Co. Encrypt Your Data Themselves?

Yes, that’s true, of course. On the one hand. On the other hand, the encryption solutions of the respective cloud providers often have a small but fine weakness, at least if you are data protection officer. The encryption solution itself and the necessary keys are not exclusively under the control of the cloud user. And this is an absolute no-go under the aspect of certain compliance requirements!

The Solution: Cross-Platform Data Ecryption With Eperi

So the fact is that in some cases Salesforce or Microsoft encryption solutions take privacy seriously and do not compromise the usability of the cloud application(s). And yet the encryption solution of the cloud providers does not meet the numerous internal and external compliance requirements.

This is the case, for example, when globally operating companies have to control the data protection processes completely independently and the cloud provider may under no circumstances access unencrypted data. But data residency is also a potential challenge when sensitive data must not leave a certain territory.

In addition, the establishment of a central IT security architecture speaks in favour of a central encryption solution such as the eperi Gateway. Here, too, all data protection processes can be controlled via a central control point.

Implemented: Making Cloud Applications Eperi Gateway-Compatible Using Templates

As can be seen from the article Eperi Gateway: Effective cloud data protection can be easily recognized, the Eperi cloud encryption solutions feature a template concept that allows the convenient connection of the Eperi Gateway to almost any cloud applications. This construct can be used, for example, to determine which encryption method is used, whether certain data types are expected during input, and so on.

The templates are traditional XML files that can contain executable Java code. For the frequently used Cloud and SaaS applications such as Salesforce, Office 365, etc. there are ready-made templates from Eperi. These can be easily adapted or recreated.