Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker could enter.
KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker could enter.
Just a few years ago, IT infrastructures resembled medieval fortresses: Firewalls, intrusion prevention systems and anti-virus programs were supposed to ward off attacks even before the attacker could enter.
Welcome to this called webinar data sovereignty in public clouds. How can you secure and control your confidential data in any infrastructure? Even in public clouds, this webinar is supported by auto clouds. The speakers today, my name is Matthias that I'm senior Analyst and lead advisor with co Analyst. And I will be joined by Dr. Quin he's director of cloud encryption at cybersecurity, some short news and current events from a coal before we start the actual webinar.
First of all, as an Analyst company, we amongst others provide research and advisory services and today even more important, we deliver advisory also in a digital form. So as digital advisory, so you get expert knowledge in IM cybersecurity and beyond with lots of topics to cover via video conferencing, share documents and online collaboration. And that is all aiming at efficient cooperation without the need to travel more information is available using the link below our second interesting aspect here is the cooking called masterclass.
This is our virtual multi-channel online classroom, and that aims at providing videos, interactive webinars and all day virtual classrooms combined with up to date, research and certification of the acquired skills and all this again in a digital manner. And currently we have three master classes up and running. This is privileged access management, incident, response management, and identity and access management essentials, and more is to come. And that's all that I wanted to tell you about could a call very quickly and introduction.
So let's follow up with the housekeeping and that will be quick as well. So housekeeping, audio control, you are all muted centrally. So the participants don't have to take care of these features. We do control these, so there's no need to mute or unmute yourself.
Second, we are recording this webinar, the podcast, the recording will be made available very soon, usually today or tomorrow latest. And we will also provide the slight text as PDF for downloads. So no need to take notes. Everything will be made available as either a recording or as a PDF. Very important. There will be a Q and a session at the end questions and answers. And you can at any time, add your questions using the go to webinar control panel. So there is a question section in this piece of software that is running right now on your desktop. Please enter your questions.
Anytime we will select them in the end, in the third part of this webinar. And that leads us to the agenda for today. We have three parts.
My part, the part of Dr. BU Quint and the Q and a session as mentioned, I will talk about information protection and the challenges of maintaining data control and data sovereignty. Dr. Buno Quin will show based on what I've been talking about very much deeper about how to securely share confidential data for trusted collaboration across any infrastructure while taking advantage of modern and agile cloud computing. And the third part as mentioned Q and a. So please feel free to add your questions and that's it for the introduction. So let's start with my short introduction speech.
First of all, we are talking about data protection today, and we are talking about data sovereignty. So the question is what are the drivers and trends behind that? What makes us actually do that? And I have picked out two important drivers and two trends that we think are really driving this way towards protecting data better in the cloud and in any environment. So let's start with the first driver. This is the increasing pressure for security in supply chains. So security is no longer only something that is done yeah, just to, for foreign auditor.
But it also is a, an important part that is required by your business partners. So supply chain, cybersecurity requirements are driving organizations to make their cybersecurity better, to implement it in a way that it is acceptable to their business partners along the supply chain. Good example, actually already since 2017 car manufacturers and suppliers in the German automotive industry, they have their own certification entitled TZA and they require this from their business partners since 2017. And that means that there are well defined security requirements put into these specifications.
And that is just one example of many where the supply chain partners need to be compliant to this and thus need to implement adequate security. Second it's the audits as well. There is an external audit focus on security. And sometimes on privacy, we have learned in, in talks to interested parties here, that there is a clear trend for regulators to look much closer to the protection of personal data and the security of people information in general, that is especially true for sectors that are used to it anyway.
So finance banking, insurance companies, healthcare, but it's, it is changing towards other verticals as well. So the risk, the digital risk is really in the focus and it, we, we look at vital core data, data protection, and security, and to trends that are also very important when it comes to protecting the lifeblood of an organization. The data is first, the business focus on data and data protection. More and more organizations are aware that they are on the one hand data driven. And on the other hand that they need to manage and handle this data adequately.
So that customers, that partners are really looking into the ways that they manage this information. So identifying the appropriate measures that need to be taken based on a comprehensive risk assessment is key for many organizations. And it is something that you can talk about with you manage your information, your data.
Well, if you protect your data, that is some kind of, yeah. Good thing to talk about when you present the way that you're doing business. And of course, on the other hand, before the external auditor actually identifies a finding, it is often very good to please the internal audit, which also focuses on security and privacy. And they go even further because internal audit will also look at the protection of intellectual property as a strategic measure. So really to make sure that your yeah, your IP is protected adequately.
So these are two drivers, two trends that we think are currently driving the increasing focus on data protection. If you look at two other extremes, that is really something that we cannot really control. So we've talked about the auditor, but we have two extreme aspects here. On the one hand, we have legislation that is upcoming in some organization and some countries, sorry, that are really posing a threat to data protection.
So the national jurisdiction of some states is currently a particular challenge in international interplay because state bodies are to be granted extensive access to data in cloud infrastructure, especially under the justification of legitimate criminal criminals prosecution. And that of course gives these state bodies a lot of power when it comes to looking into a cloud infrastructure into data in general. So that is on the one hand, the legislation aimed at access to data everywhere without any, without any, without any going into too much detail here or to, to judge upon that.
But it's just something that organizations need to think of when they put data into a cloud, into a shared infrastructure as a service infrastructure. And on the other hand, we have increasingly strong regulations around the globe when it comes to privacy to compliance. Everybody knows after so many years about the GDPR, but this is constantly growing around the globe. There are more and more of these regulations coming up, and that is something that we need to take care of. So the protection of personal data, personalized identifiable information is very, very important.
So we have on the one hand, the protection against unwanted undesirable access on the one hand through laws on the other hand, of course, more and more upcoming regulations. So protecting data in an insecure world, what are the, what are the framework conditions here? So first of all, many organizations consider the cloud as the new normal. So practically every organization is moving towards a platform strategy that is at least hybrid, even the conservative ones.
And with the current events that we are looking at with all, almost everybody working from home, who can, that is also something that heavily relies on the cloud. On cloud infrastructure. We have a increasing fraction of mobile workforce within our workforce and with a disappearing perimeter and a changed working environment. This is almost inevitable because they need to be mobile to communicate and to actually perform the work. Everybody likes software as a service platforms because they provide on the one hand collaboration and, and yet unmet quality of features available.
And these cover data storage in the cloud like SharePoint online or something like outlook, which is much more than data storage in office 365, but it's also collaboration. It's scheduling. We have collaboration like teams or slack or whatever is available here. And we have full boost business processes in the cloud. And that goes from something like CRM or to I TSM with Salesforce or service now. So we are moving more and more formally on premise solutions into cloud solutions, which often provide much more service and support.
Then one could do in an on premises environment, including patches, including concurrent software updates, just without even noticing it. On the other hand, again, I've mentioned it already. There is no network perimeter. So modern business today does not require a traditional firewall in the same way that it was necessary when protecting your traditional on premises data center. So the traditional firewall alone has little to no value for an organization anymore.
On the other hand, we have an increasing threat through malware through ransomware, and that is something that is really endangering data in systems. Again, something that we should think of today, with more people working from home, maybe even with their, with their, yeah, with their home computers, with their own computers, that is really a danger that organizations should think of while the number of malware trains is continuously increasing. So we have a real threat here. And this malware and ransomware of course, is targeted at data, the things that we want to protect.
And finally, of course there is industry. As we have organizations, we have businesses and sometimes even state driven actors that are spying on commercial enterprises, trying to find out their IP, their intellectual property. And this is something that we need to protect ourselves from as well. We at cooking a cold, we are thinking of this information protection as of a life cycle. So the information protection lifecycle I P C is something that we think makes perfect sense when it coming, when it comes to protecting this data.
So this lifecycle very quickly not to, to dig too deep into it starts to the upper left corner with acquire and assess this information. So either it is already there and it is thrown into this lifecycle for protection or to the, the data is actually created. So create or discover. And then we apply mechanisms to make sure that we understand what this information actually means. From a semantic point of view, we identify criticality, we classify it. We identify the intended users, et cetera. So we understand what this data is about so that we can handle it adequately.
And that is with the, with the circles to the right, we have different measures to take while this data, this information is in an active use use lifecycle. So we control access. We authenticate, we authorize, we govern access very important. We secure the data and that is something that we will heal later on. So we encrypt it, we tokenize it, we mask it, we redacted and pseudonymized it. And that needs to be done in every form that this data, that information is maintained. And that is in transit in use and addressed. But protection goes further. It says monitor and detect.
So we have to identify all activities that are undesirable undesired at all levels at the device level, the network, the systems, the applications level, and at the data level. So protecting data also in that respect is important. If something happens, oh, if there is a security in incident, if information is endangered, we need to contain and recover. So we have to analyze what's happening, limit imminent effects and maintain operations.
So we have to have the machine running and an important aspect often forgotten is to see so really to distract attackers, to learn them away and to analyze the attackers way of doing things. And after this active use life cycle is over. We have to make sure that this data is deleted or archived depending on the way that we have to deal with it. If we have to store it for a, a given amount of time, we will do that. If it's no longer required, we have this ugly German.
What, so we just remove it. We put it away because it is no longer needed. And if it's no longer needed, just deleted. So that will be the information protection lifecycle. And all these measures are layered. They are combined and they protect data. The information that we'll look at, and that leads me to my final four items of information that I want to look at. We are talking today about data centric security. We are talking about data sovereignty, and we will hear about that in a second.
And these are four facts that I would like to focus on because first of all, we need to understand that from day to day, even more data is the lifeblood of any company. And that means IP. That means persons information, any information in an organization has to be considered as the lifeblood and it should be protected adequately. And that means in environments that are potentially untrusted. And if this is the case, if they are untrusted, and if we cannot do anything against that, we should not apply any protective measures towards areas where we cannot win.
So stop protecting areas where the battle is not worth winning don't trust platform. You are platforms you are not operating without additional controls that does, does not mean that you are not allowed or permitted to you to use them, but just to apply additional controls. And that is all what this today's webinar is about. So on the other hand, data must be capable of flowing to wherever it is legitimately required. So every usage of the data should be enabled.
So this enablement of course, needs to be secure across organizations and regions with all the different requirements when it comes to, to legal or regulatory requirements. And on the, and the final thing that we should consider is that services relying on this well, protected data must be as usable and user friendly as when, without data centric securities. So if you think of a software as a solution platform and all data in there is encrypted, and it is not as usable as it would be when it was not encrypted, then you realize that this is not the way that you want to work.
You want to have the full functionality. If you think of, for example, teams or SharePoint or outlook, or office 365 in general, you want to make sure that you have all these nifty features that you want to use also in a secure environment. And I think that is where we should aim at. So protecting data on the one hand is important, but having the user friendliness, the user experience and the functionality you require, that is something that we need to consider when we look at data-centric security. And that's it for my part, I hope I laid the ground for Dr.
Buno Quint director of cloud encryption at, or cloud cyber security. I want, I will hand over to him now, not to ignore that. I want to remind you of the Q and a as the third part of our today's session. So if you do have any questions, please do add them right now, or right when they come up into this panel within the software, so that we have these questions at hand later on. So to really get into detail for your questions and provide the answers that you want to have right now. And with that, I want to hand over to Dr.
Quin, Dr. Quinn, are you there? Yeah. Thank you for the great direction about data, about data, data security, and data centric approach. When we are thinking about the business requirements of our customers, we recognize that a huge amount of, of, of companies are looking currently forward for collaboration platforms. So public cloud is definitely something that what we have to cover, and this is also what you explained us until now, but we have also seen that a lot of companies, a lot of customers are also looking for data exchange.
That means they have to exchange on high secure basis data file shares, exchanging, and don't forget exchange via email, which is still a huge amount of data, which is transferred via email. And we have to also to cover in this, in this area infrastructure, that means storages and a lot of more things, a three storage on Amazon. These are all infrastructure related stuff, but where we have to find some security solutions for. So this is the complete picture of what we have to cover. And not only collaboration because ion is just part of the business, but very strong, strong part of it.
Definitely before we are going a little bit more into details, we have to think about how have we defined security in the past, what we have learned in the last couple of centuries, we've learned that we have to secure data in our data centers via layer security. That means we are covering infrastructure platform applications. Somehow we are securing our organizations with parameter security firewall, for example, web application, firewalls, and everything. And then what we are doing is we are implementing roads and right management systems inside our organization.
Then we have learned to encrypt into secure data in motion. That means we are encrypting the transport way of data or our VPN layer, two encryptions gateways. And we have learned to harden service platforms and all the things where we are saying, okay, we are securing these platforms. Real aim of all these things is to secure the data, which are normally laying more, gets stored somewhere in our file, shares in our applications. And somewhere, these all have done successfully over the last centuries. And we learned to do a high security implementation in our data centers.
What is changing our, we have learned that a public cloud is changing the roots of the world because more or less the public cloud is using the same kind of infrastructure. They also have. These is services, platform services, and software as a services. But what is the difference?
Now, the difference is this is all controlled, managed, and operated by the provider. We don't own it. We can't unplug a cable. If something happening cloud platforms are really provide us a high secure perimeter security, best of world, best of breed, whatever you like. This is all provided by the provider itself. So pyramid is not longer the question and the risk. We have to take care for what is happening inside the cloud perform itself. So what we have learned is we have to implement the same right road management systems inside the cloud provider systems.
So what you have done is we have moved rides and roll systems and implemented that via piece and everything else inside the cloud, the cloud platforms. And here we have learned that the same kind of business rules, which supports us on the data center side on premises are now running also on the cloud side, what we still own in the cloud platform. This is our data. That's the only thing what we really own. And the target is we have to control this data because we don't, we cannot control the infrastructure. We cannot control what is happening, but what we need to control is our data.
Let's have a cloud connect. If you're reading the press, you will see a lot of, of documentations about a lot of articles about cloud infrastructure. And a lot of people are thinking, okay, whenever you're just implementing their own cloud stacks inside, maybe a germ region, this helps to secure the cloud. Yeah.
In, in, in a certain view. Yes it does. But just fortal and platform, not for something else. The data got stored, maybe them.
And, but we have to think when we are running these kind of things, what is left over currently, customers, companies are not looking for infrastructure in the cloud. They're looking for applications. So whenever somebody's thinking about cloud is thinking about special terms. He's thinking maybe about office or teams as a platform is thinking maybe of Google data analytics, maybe think about Amazon AI solutions or Alibaba's eCommerce. What is the difference? Now these are all software as a service. These are solutions. These is something what's get provided inside the cloud.
And the people currently in the Corona crisis. What they're doing is they're looking for teams. They're looking for these kind of software, which, which support them. They're not looking for, for open stack. They're not looking for storage systems and these things they're looking for solutions, which supports a business cycle. That means the challenge is not the infrastructure, but the applications.
So what you have to learn is applications are key applications of the major, the killer applications, how marketing's always talking about is provided by American Chinese and some other companies around the world. So what have we to learn is independent. Any of solution of any platform or infrastructure we have to learn to control our data in any unsecure infrastructure, wherever it is. And this is called the data centric security approach. So have a closer look what it really means.
So, first of all, we've already seen identity and access management systems. This is today in the two days world, this is something like active directly for Microsoft or something else it's still necessary because the rights and world systems inside our business, inside our organizations provides the complete, the basic of a complete business logic. So all the rights and road systems provide the business logic for us.
So we have to run still with these rights and what we have learned, what we have implemented in a very challenging way during the last 10 years, 20 years, maybe this is still key. So we still need it on this side. Then we have to think, what do we know about a data-centric approach, encryptions by definition, a really good database, a data encryption rate, not on database, a data encryption rate also data-centric so it's really pro protecting against any kind of attackers, but is this really a solution?
Just think about the only question, what I'm always asking our customers is how do you search maybe inside encrypted documents? Do you find your documents again? It helps you really, if you just want to secure your, your pictures, your photos inside, or Dropbox solution, this is a good approach to security this way, and to share with your family, then you can order it somehow. But if you really want to work with these kind of data, it's unstructured data. It's not only photos.
It's, it's also documents. It's Excel.
It's, it's word, it's whatever you are working with. So you have to learn that your business, your business process have to somehow support these kind of data.
And in if, if a business process is looking on a, looking on a encrypted data, it's a binary object. It's not long data. It's just a binary object. And businesss can't work with these kind of binaries. So we have to learn that couple of requirements has to get fulfill. First of all, is we have to encrypt any kind of data, documents, videos, images, whatever it is we have to provide the maximum flexibility in global way of working global collaboration, collaboration way. We have to support all the major platforms like office teams or online, offline, whatever we have to provide.
Also secure search functionality, secure search functionality means really secure way in this way. And we have to learn to handle in a global world legal, restricted data. That means if the data is not longer allowed to leave a country, maybe European countries, maybe also other foreign countries, we have to take care of that and we have to learn how to handle it. So when we started to implement these kind of, of solutions, the first idea, we just have to secure storage system.
Maybe if you take, for example, SharePoint as an example, we are looking on a data cause SharePoint is storing everything inside SQL server. So we just have to secure this storage system. Okay. What we missed in this view is when SharePoint or any collaboration platform, any document system is working with any data. They're doing a lot of things with these data. Whenever a data access is such a platform or such an application, they're building up an index for search they're building previews, they're building lists, they're building cashes and a lot more things.
So whatever happens whenever a real data accesses a platform, the content, the sensitive, and maybe high secure content disappears somewhere in the cloud or in the application. And before it comes to the storage system inside the database. So it's not really a solution just to secure the storage system itself. Another approach is what we have seen from providers. Bring in Yoki this, you end over the key to the provider and say, don't look on it. And then you have to believe strongly that nothing inside an application that nobody's reading the key itself. Okay. You can believe it.
The other thing is hold Yon key, hold key. That means you encrypt the data by yourself and upload it to the SharePoint system. That's what it means we've learned already from, but that here, the, the process, the business process stops because SharePoint office teams is not able to work with encrypted data. That means you are diminishing SharePoint to a Dropbox like system, no workflows, no full text search, nothing. So this is not the way to go, but we have to learn how we can do it. Let's have a look on it. What you seen until now, let's choose as an example of our document document.
It's just an example. And maybe the word document is already labeled somehow as confidential. And now you want to upload it to a cloud system like office. What you've learned is you cannot upload the real document to it, but you want to use the real functionality of such a office or SharePoint system. SharePoint system is same on-prem on, on or SharePoint online. So what we have learned, isn't this way we uploading a kind of placeholder. That means look on, on a, on a word document document consists of, of content, your text. You're right. You're typing in and kind of meta information.
Meta information is something like, like the labeling information, the format information is a lot more how, how the, how the print format is and, and all these things. So what we are doing is we are taking out of the raw document, the content. So we are uploading an empty piece of paper just with the, with the filtered meta information inside filtered means we are controlling what kind of meta information accessing the cloud, because everything, what is, what is was going toward the cloud is running inside an unsecure infrastructure.
And we accept it, but we want to use the great functionality of office, but we don't trust the cloud per se. So here we trust are uploading an empty piece of paper and that's it. And with this piece of paper, historically, almost all, all applications, all workflows are running completely transparent.
The original data, what you're doing is we encrypting the original data somatically and as asically, and, but at this point, our customers are coming and say, okay, we have heard that some quantum computers are currently going to get developed, maybe in very short or near time, this category can break the current crypto algorithms. So what we have done is we are encrypting it first. And then what we are doing is we are menting it. So just consider as you're just, you are encrypting a piece of paper, and then you're putting it inside a shredder and taking the snippets out of it.
And this is what we call data junks. And the junks you have the ability or the customer has the ability to store it on predefined storage systems. So maybe you like to store it one junk in Google storage, one junk Amazon junk storage system, or you can decide to store the junk somewhere on premises systems in data centers, in defined region, maybe in Germany. So you can work inside and Azure stack with office 55, complete transparent, but your, your data, your original data got stored somewhere on a predefined storage system, via software defined storage system.
So what as it means, this approach, what we've implemented with our solution trusted gate is providing you a view on trusted on, on a, on a public cloud system or where we never store any confidential data at all. We just give you the ability to store completely contentless placeholders, which is just following the completes, why rules and business processes inside such an office series five system. Why the original data get encrypted junked and start on your configuration. Less. This complete process is a content pending process from classic gate itself.
It just the piece of software it's it's built up and the designed in microservices, you can run the different M servers in containers in VMware, highly scalable. In one instance, we have measured up to phone at megabit per second throughput. One instance, if you need more, just run several instances, put load balance up front, and that's it. This is immediately. You have a, a high sec high security solution with it, high availability solution, everything you like, all your applications, all your workflows are running completely untrained.
We have the ability to follow the complete business logic. What is implemented right now because there's a placeholder these empty piece of paper in, in this part, this is following the business process. Whenever somebody's saying, okay, now I want to get access to the content. He makes this normal double click on it. And then trust gate comes into the game. Truk is checking the authentication of you, who are you? And then you say, we have the right to see this. If an end-user has, right, what you're doing is we are assembling the junks. We are putting together the encrypted document.
We are decrypting it with the private piece of that part. And then we are provide handing over the decrypted documenting. And this was with a high security, high scalability approach on your wish. What is possible? Sure we can. We can control via very standard ways from where do you access the data. If the data is just allowed to, to get stored and accessed by Europe, we can provide the ability for customer.
They say, when I'm in China, I'm not allowed to download high security documents, Excel files, or whatever. This is completely, let's say standard way, how we can handle it. So what we provide here for companies that we provide the complete control of their data to any organization, to any company, he can control which data get exposed inside the cloud. So he can now also upload it non encrypted if he likes, but for every, every data, which is high security labeled, maybe we control it. And we just upload these empty piece of paper.
So the full control to any customer, to any company, which data got exposed inside the public cloud, which is by definition, a unsecure infrastructure or the data or the origin couldn't can be stored wherever he likes in other storage system, in the cloud, on premises, in data centers, in the region, he likes to define it's completely configured completely on his hand, what he really wants to provide. So let's have a look how an entity user is working with it. So a normal approach is how to use it such a solution with an five solution in it.
And nowadays those it's two screen of two different persons left is the, is Adam, the worker who is working with trusted gate and approved with trusted gate. And on the website, you see Donald ER, who is successing on an not allowed way, a content inside and office 35 inside the sharp system. As you see here, you see on the right side, it's the same site. You can see, we have encrypted, non, non encrypted documents uploaded to this part. And you see in that you have, you can, you can encrypt also file names. And if you compare it, the worker Adam is seen a complete transparent view in it.
He got encrypted file names and everything else, why the hacker Donald is just seeing these placeholders, these virtual files. And if you download it now on the left side with trust gate, what you're doing is resembling the junks, putting, putting everything inside a encrypted paper, decrypting it, and providing this on the fly for a worker on the right side. You can see that is just in this TPS of paper. We just putting a sentence in there's just file. Please download, lose using trust.
So you see the difference whenever somebody is accessing in not allowed way, any data inside a public cloud system just of paper. So that's it. If you want to search inside, we provide a full flow, secure search. So we are building up an own, an own encrypted encrypted index.
For that, we provide a federated search across, across Chapon systems. We are using for not encrypted data, the SharePoint search index. So on the left side, on the right side, you see just, if you are looking for budget, you're just seeing the, the definition of the non-encrypted document on the left side, you find a lot more results. You see you, you can see also difference.
Maybe you, you can see it. We cannot, we cannot provide any previews in the such a search part, because preview is just a, yeah, we are doing a kind of, of paper on it. So we are not providing previews on that. And the second restric is also, we cannot provide any data inside the cloud. So whenever somebody wants to access simultaneous is this famous part. You want to edit to PowerPoint with 50 users there also possible because then we have to decrypt something inside the cloud. These are the only two restrictions we provide with such a solution. So teams is running similar way.
Here we are supporting not only office, but also chat's conversations, the complete key team communication, except for what is inside Skype for like that. So if you upload this now inside a conversation or chat, we encrypt it simultaneously at hacker. We'll just get access to the placeholder file. And that's it. And if you, if you, it at a search is also supported in the teams session on this way, it's a secure search with it's an own microservice on this side. So we provide transparent views on it. So this was just a small part on yeah. On the ation.
So we provide a huge bunch of functionality with our trusted gate is just one product, but we provide different solutions for different use cases. So business cases for our customers. So we support SharePoint, OnPrem solutions, office teams, encryption. We also provide Azure solution inside the Microsoft marketplace. So whenever you like, you can just go to the marketplace and run a demo in it. You will find it under trust gate. We ask trust gate solution.
You can run a test drive and you can run directly in your or 65 solution subscription, a solution which get installed inside your own subscription. And the introduction also said, okay, well you have fluent with our customers. They also need support in any kind of data exchange case business cases. So that means kind of data rooms. If they want to exchange data between different security domains, between different organizations, we support this. We also also high security data diet solutions between the different. So there's only one way.
Communication of data is going to be control data attachments, which got provided or got attached in an email system. And we provide a skill mobile access solution while for mobile workers who want to access highly confidential data and somebody who is don't like crypto mobile devices, they have to access over the can access with our mobile solution, but different, which is of highly interest for organizations is secure infrastructure. A lot of companies are not allowed to work with their own IDs inside cloud systems.
So we provide productization solutions, or if you have a proprietary applications, we provide encryption as a service solutions where you can access directly on. So rest APIs, the encryption API of trust gate, we also provide in any kind of organizations in any kind of infrastructure, very easy mighty multitenant solutions. So if you want to run inside your chap solution, different tenants, we provide you as solutions for that one of encryption and also secure colocalization.
That means if you have regional worldwide privacy regulations of your data, we control that with Cate, that none of these regulations will get compromised because then we can install Cate in these different countries while you're working directly in a central data center. So this was the overview for my side, please, if you like more information, go to our website, have a look on it, or go directly to our, to our marketplace offering and run a test or run directly the distribution in your own subscription. Great. Thank you very much, Dr. Quinn. That was very interesting.
And I think some kind of thought provoking for the participants as well as this is really a, a surprising approach. Okay. Before we actually enter the Q and a session, just the reminder, please, please ask your questions.
The, the more questions you ask, the more we can get into detail into what you're really interested in. First question, as many organizations are thrown, of course, the question comes up are thrown into the situation that you're working with teams. They are using this, this, this cost free solution that Microsoft provides just right now in this special, weird situation that we're in. How long does it take to, to set this up? Yeah. In teams currently, we don't have a marketplace solution for that. Corona comes to a little bit too fast for us too early for us.
So teams is currently running on professional. So we have to install it. We cannot install in one day. It's pretty easy to do, but we have to do it somehow. Okay. The installation with office five is running just on the click five minutes then it's done.
Okay, great. Thank you. Other question. That is something that I can answer very quickly. The question for the slides. Yes. They will be available for download on the landing page for this webinar latest tomorrow. So you just can download the presentations from, from Bruno and from me just tomorrow. It's easy to, to get fractured there. One question that came up of course is to break things.
What, what happens? You you've mentioned that the data is encrypted and afterwards then it is cut into pieces sliced and only the recombined slices can then be unencrypted afterwards. So how do you, how do you deal with data loss there? So if one chunk one slice gets lost because I don't know a database or a heart drive dies. How do you deal with that?
Yeah, it's a good question. It always comes up after while. Okay. What we provide. I also said it's, it's, it's a software defined storage. Sure. We also provide rate support on this side software rate. That means we provide rates 0 1 10, whatever you like. That could be to security in this way that you're saying, okay, for more high security, you, we can store same, same chunks on different storage system. So we have redundancy implemented, but just remember this just chunks itself are just binary object. So it's on your own configuration.
What you like more performance, more security it's completely configurable via or admin service. Okay. That sounds, sounds good.
One, one fact that still left some open questions, although you showed it in the, in the demo or in the presentation is the, the, the search index. How do you, how do you maintain how, how, if there's only an empty piece of paper, as you've mentioned, when does this indexing take place While it's inside our trust gate? Because trust gate is intercepting. The data stream Tru gate is sitting insides, the data stream or via reverse proxy or other standard standard systems. So what we're doing is we are intercepting the HTP traffic. Whenever it comes through, we are, we are picking up the data.
And what we are doing is if search is adoption system inside, we are running with a, with a standard search engine. We took solar, but we can also, we invest just engaged with the elastic search. We are doing this inside a own search index, so we can use it on this site. And we are building up an encrypted part. So we are not, we are not sup we are, we are not sup supporting the, the not encrypted part because this is done by, by SharePoint itself. So share is building up the index for the non-ED documents. And we are building up for the encrypted part.
Output is not allowed to look inside any sensitive content because otherwise you will get access to the, to the, to the index and via the index. You can see what's, the insights are to document. So we have to keep it completely separate. But what I said, we provide a federated search across both search engines. So a customer will not see the difference is just searching for a, for a keyword and then he's cutting the results of both.
Okay, great. Thank you.
Yeah, we have some very, very good questions. Actually. I have one that that should be split up in at least three. First of all, do you have some information to share when it comes to scaling this software sizing and performance and availability, how do you deal with larger scale deployments?
How, how does that work? What, what, what do you need for that? First of all, we have to consider what kind of bandwidth is the customer? Does the customer need, we customers who are talking about one terabyte files. Okay. This will definitely, if you have just one instance running, this will definitely close down this instance, then we would suggest run several instances of it. Yeah. And split it up. We can also, we can also encrypt a one terabyte file, but the latency time will be horrible.
So if you are, if you are talking just about normal, normal documents as 1, 5, 10 megabyte, or maybe also, so it's, it's pretty easy. It's, it's, it's completely linear, scalable with it.
And as a, as I've said, one instance, we've tested up to phone and mega bit per second with, I see, I think about 60 calls. If you, if it's not necess, it's not sufficient for you, just run several instances and put a load balance front, then you split up data traffic about all these instances, and this is normal, scalable, linear, scalable architecture on this side. Okay. So currently we haven't seen a real, real border, real limitation of this scalability is such just a question of your infrastructure, Which could be virtualized.
Right, correct. Right. And I think that that also answers the other question that, of course, such a solution in front of a key infrastructure of an organization could pose to be a single point of failure as well. But as you said, low balancing parallelization should solve this. Right. Right. Just put just one, several instances upfront, as many as you like. So instances could be run in a high availability mode.
It's, it's, it's a, it's a standard architecture what we are doing in this way. Okay, great. So last call for questions. I have one left here. Of course. Final question always is about money. We don't talk about money here, but how is it licensed?
What, how is, what is the licensing scheme behind that License scheme is user based and core based. So we are counting users and we are counting costs. That means the performer. We can run 10,000 users with one core, maybe a little bit less it's, it's a decision of a customer, but these are things our salespeople would love to answer you. Okay.
But, but it's people plus course. So there is a more or less Plus Course. Yeah. It's more or less a simple calculation of based on what you need and what you have to pay. Yeah. Right. Great. Okay. So no more questions. I've checking. I'm checking the list.
No, that's it. So that's it for today. Thank you very much to all the participants for attending this webinar.
Thank you, Dr. Quint for providing this insight into a very, very interesting technological approach towards securing data in, in, in secure environments, whatever it is, that's it. From my point of view, do you want to add something Dr. Quinn? Yeah. If you really want to have a look on it, go to our marketplace edition, just click on it and try, give it a trial. You can run it, you can choose it and you can see how performed it is and how it fits your expectation and everything else you can find on our, on our website. Perfect. Great. Thank you very much for your time.
Once again, I'm looking forward to having all of you again, in one future edition of these scoop a call webinars for the type being thank you very much for attending. Please stay safe, stay healthy and have a good time. Thank you very much, Dr. Quinn. Goodbye. Yeah. Thank you. Goodbye.
For, for my side.