IT security standards depend on the size of a company
Pfungstadt, September 10, 2024 - Should the keys that companies use to encrypt their sensitive data also be available to the cloud provider in addition to being stored in the company? 58 percent of companies with 2,000 to 4,999 employees answer this question with "yes". Companies with up to 400 employees take a different view: 61% of them attach great importance to ensuring that no one outside the organization has access to the master keys.
"This result is surprising because you would expect large companies or corporations not to hand over their keys and smaller companies to rely on external support in an emergency," says Andreas Steffen, CEO of eperi. "In any case, it's not a good idea to give access to your most valuable or sensitive data to someone else. It's like giving the front door key to a neighbor you don't know well enough and whose door is rarely locked."
How the encryption key is handled varies from sector to sector. While 75 percent of the retail companies surveyed stated that they would not give the key away, only 51 percent of non-profit organizations, healthcare and social services and public administration attach importance to sole access. Another result of the survey is also striking: although 65% of IT companies are in favor of the master key being available only to them, 26% have no problem if the cloud provider also has access to it. It is also irritating that 9 percent of the IT companies surveyed did not give any assessment at all.
Irrespective of these industry-specific answers regarding the handling of the encryption key, 70 percent of companies consider it risky if someone outside the company - even if it is the cloud provider - can access the data key; in the case of banks and insurance companies, 89 percent even see this as an increased risk.
There is therefore a need for education on the correct and responsible use of the encryption key.
About Eperi GmbH:
At eperi®, we firmly believe that data protection is a fundamental human right. Our goal is to ensure that people and companies retain control over their data at all times. Without compromise and with the best technology. With a focus on the security of our customers, we have created a solution that is invisible to the user and at the same time meets the highest security standards.
With the eperi® solution, our customers benefit from all the advantages of cloud usage, such as efficient company-wide collaboration, while remaining legally compliant with global data protection laws. We hold several international patents for our innovative multi-cloud technology, which offers unrivaled data protection for SaaS applications, individual applications and files. Our customers retain sole control over all sensitive data, as no unencrypted data is sent to the cloud.
We make the cloud possible - simple, secure, individual, GDPR-compliant.
Press contact eperi
Eperi GmbH
Sabine Jost
Gutenbergstraße 4-6
64319 Pfungstadt
Phone: +49 (0)6157 95639 16
E-Mail: sabine.jost@eperi.com
Web: www.eperi.com
Press contact agency
TC Communications
Thilo Christ
Phone: +49 171 6220610
Alexandra Schmidt
Phone: +49 170 3871064
E-mail: eperi@tc-communications.de