Hello from Krakow! At impact’17, Elmar Eperiesi-Beck discussed how reliable data protection in the cloud looks.
Is data encryption the solution to make the cloud secure? For Elmar Eperiesi-Beck, founder and CEO of eperi, the answer is clear: With data encryption, the cloud is as secure as any other IT infrastructure – if the data is always secured. “Companies that collect personal data have to prepare for the EU General Data Protection Regulation (GDPR). If they are found to use poorly secured systems, they face fines in the eight digit range. And this is not just about global players – every company processes sensitive personnel and customer data”, explains Eperiesi-Beck.
The cloud is coming: enterprises that do not adapt to this often cannot compete with those who have already outsourced their IT to cost-saving and scalable cloud structures. “In order for all data to be secure, the most important thing for an enterprise is to keep control of its cryptographic keys – without any compromise”, says Eperiesi-Beck. “Those who have the key, have data access.” Cloud security is easily solved by adhering to this principle: data must be encrypted prior to leaving the company and being processed in the cloud. Within the company, however, authorized users have to be able to read the data unencrypted. This is possible with a gateway solution. It provides a central point in the enterprise IT architecture to manage the cryptographic keys and decide which data is encrypted. Strict legal separation ensures that access to this gateway is only permitted by a small internal administrator group.
“When encryption and key management remain internal, the cloud is secure. The best thing about a gateway-based solution is, however, that it is extremely flexible, does not change existing IT systems and limits end-user applications. End users do not notice the change”, explains Eperiesi-Beck. For more information on gateway solutions, please visit our resource library.