Your cloud data needs more than just client-side encryption

The cloud is an integral part of modern data management. Too many benefits provide centralized managed storage that is accessible from anywhere.

But the risks for security and data ownership are significant: the cloud is managed by the provider, so all data are potentially readable for this one.

With the newly developed graph-based information architecture, a smart and patented key management and scrambling and distributing the data on several independent server systems, olmogo makes your cloud safer than ever before.

For this reason, the ENISA (European Network and Information Security Agency) has defined in its Study on cloud computing nine high probability / high impact risks for cloud based services.

olmogo has a solution for all the risks defined by ENISA*

 
Problem
 
 
Olmogo solution
 

Loss of governance (R2)*
Service provider is responsible for safety

 
  • olmogo architecture guarantees 100% data sovereignty for the user: neither the service provider nor olmogo can read data without the consent of the customer
  • olmogo services are documented, security concerns will be reported to the customer
 

Isolation failure (R9)
Customers have access to the access of other customers

 
  • All data can only be decrypted by authorized users, because the keys are also encrypted
  • Isolation failure of even more than one olmogo data storage does not result in a data leak
 

Malicious insider (R10)
Employee of the service provider abuses high-level privileges

 
  • olmogo Separate Systems Architecture can be hosted separately
  • The owner of the data always holds all the keys
  • In the worst case, the malicious insider can manipulate the key or prevent the log in - actions that a users would notice immediately
  • olmogo prevents even with a stolen password a data-leak
 

Insecure or incomplete data deletion (R14)
Customer data will not be deleted completely

 
  • olmogo encryption mixes and encrypts all data, for this reason, a not complete deletion of data renders no danger
  • olmogo Zero Information Strategy overwrites this risk
 

Management interface compromise (R11)
Customer User Interfaces on the internet can be accessible to a variety of people

 
  • olmogo access points can be defined by the customer
  • if no public access is needed the olmogo Directory Server can be operated on the intranetwhile the data storage can be kept without problems in the extranet
 

Service engine compromise (R19)
Access to the hypervisor provides access to all customer data

 
  • see also malicious insider (R10)
  • even several hacked olmogo units would not leak data
 

Subpoena and e-discovery (R21)
Data will be accessible to third parties in the case of seizure of hardware by law enforcement

 
  • olmogo data and metadata are scrambled and encrypted. Even if these data are accessible to unauthorized third parties they remain worthless unless they have access to the end user device and the user password
 

Changes of jurisdiction (R22)
Customer data is held in several jurisdictions

 
  • The storage provider or the customer can freely determine the server location
  • olmogo Directory Servers are hosted in Germany or in the country specified by the customer
 

Data protection risk (R23)
Difficulty to control the data management of the service provider

 
  • olmogo never processes actual data (zero information strategy), except they are explicitly addressed by the user to an olmogo agent (a software module in the olmogo architecture). which presupposes the consent of the data owner
 

*ENISA: European Union Agency for Network and Information Security

Become an olmogo partner and offer your customers highly secure cloud solutions.

Or establish olmogo in your corporation.

Interested? Please contact our sales team and we are pleased to help.

AKTUELLES
08/02/2019
olmogo @ Digital X in Cologne