Tilo Weigandt is an entrepreneur who makes it his mission to combat hacks and leaks. As Co-Founder & COO of Vaultree, his goal is to fundamentally change the way we work with data: Fully encrypted. Tilo decided to co-found Vaultree, an innovative Encryption-as-a-Service startup, after having gained experience in various industries including FMCG, Automotive, Services, and Fintech, having worked in Business Development, Product Management, Consulting, Strategic Marketing, and CRM.
In this exclusive Cyber Talk interview, Co-Founder Tilo Weigandt shares insights into Encryption-as-a-Service, and who needs it the most.
Tell us about the Vaultree story
Vaultree is an innovative Encryption-as-a-Service startup, and our goal is to fundamentally change the way we work with data: fully encrypted. Data is exploding, exacerbating the problem. We know that the need to encrypt databases is not going away, especially with new regulations like GDPR.
We all know a person or a company that had their data leaked. We all know the consequences of it. So, why aren’t companies doing a better job protecting their databases? The truth is, current technologies simply don’t allow for sufficient protection, are outdated and very hard to use, requiring specialised knowledge, and performance trade-offs are the norm. We didn’t want businesses having to choose between security and performance.
We need fast and effective technology to protect the exponentially growing amount of data, and that is our mission. To do so, we gathered a brilliant team of developers, cryptographers, and mathematicians, a highly regarded advisory board, and partners in the tech industry.
What is Encryption-as-a-Service and who needs it most?
The idea of Encryption-as-a-Service (EaaS) is to allow businesses to take advantage of the security that encryption offers with easier-to-use and accessible technology. We believe in EaaS as a crucial and straightforward barrier against cyber crime.
Every business needs to worry about data privacy, considering that losing the race against cyber criminals costs more than most companies can afford, not only financially but also in terms of brand image and reputation. That is the case for industries with lots of PII (personally identifiable information), like eCommerce, FinTech, HealthTech, TelCo, travel, etc. Highly regulated industries with strict compliance and data protection requirements, which are also under attack more frequently than other industries due to the value of their data, urgently need a fully compliant and frictionless way to encrypt and protect their most sensitive data without sacrificing performance.
Are there any myths surrounding encryption or data privacy that you’d like to clarify?
Yes. Lack of knowledge surrounding encryption technologies has been and still is an issue. Technology has evolved and the next-gen encryption is ready to break down the complexity. Education and communication are key to the process.
To mention a few myths: data at rest or data in transit do not suffice anymore; encrypted data in use is the new standard. With current encryption tech, data still has to be decrypted to work with it, and with Vaultree this era is over.
Also, the term “end-to-end encrypted” is misused nowadays because the full round trip is actually not encrypted; it is either “at-rest” or “in-transit”, not “in-use”.
What innovations make Vaultree’s product unique?
Amongst others, our proprietary ESSE (Enhanced Searchable Symmetric Encryption) and Fully Homomorphic Encryption (FHE) library VENum (Vaultree Encrypted Numbers) maximise both security and performance. These different encryption technologies bring flexibility, one of our key differentials. This performance leap allows the processing of fully encrypted data with a minimal performance overhead vs. queries over plaintext data. And the storage overhead which encryption always brings with it is absolutely low.
Our simple plug-and-play SDK does not require a professional to be a cryptography expert. In our case, we simplified the whole implementation process and usage to make it efficient. We’re talking about only 2 to 3 lines of code changes to fully protect your data. Full control is given back to enterprises allowing them to make decisions over what technologies are best for their environment and have not been available or possible for them to utilise before. From unbelievably fast queries to personalised setups, we want to break this myth by providing people with a fun experience with encryption – Why not?
Tell us about the technology behind the product
By combining elements of modern encryption schemes, such as Fully Homomorphic Encryption (FHE) and Enhanced Searchable Symmetric Encryption (ESSE), our solution offers peak performance and simplicity when searching, processing, or computing fully encrypted data. It encrypts data client-side and allows for real-time scalable data processing and computations. The client manages the keys with some off-the-shelf cryptographic key management and distribution solutions including HashiCorp Vault, as well as YubiKey. We fully support a post-quantum key generation and distribution solution via Qrypt. It is truly a zero-trust environment; we take data privacy to its core. It’s our nature.
What key principles should organizations follow to protect user data?
We believe in encryption as a business enabler. An effective cyber security mindset should be part of a company culture from day one, and that includes cyber awareness training and access management, as human error is also the cause of some of the biggest ransomware attacks in the world.
Technology is available to break that gap, secure assets, reduce liabilities and strengthen workflows. EaaS can and should be used as a preventative instead of a reactive measure. So even in the worst case scenario of a hack or leak, something that every business is exposed to, your sensitive information is still safe. Encrypted data is useless to criminals.