Comment

Secure and privacy-compliant work from home office

These days, more and more organizations and companies are gearing up for large-scale home working. If the worst comes to the worst, it is the only way to maintain business operations and limit the economic damage as far as possible.
Secure and privacy-compliant work from home office

Italy is already under lockdown, while Germany is threatened with similarly drastic measures to prevent the spread of coronavirus. At the beginning of the week, the European Central Bank (ECB) already sent part of its staff to the home office for a day. This was in preparation for the eventuality that their employees would no longer be able to come to the office because of the virus. The ECB is not alone in this consideration. These days, more and more organizations and companies are gearing up for large-scale home working. If the worst comes to the worst, it is the only way to maintain business operations and limit the economic damage as far as possible. However, IT departments are faced with a major challenge: they need to provide employees with convenient yet secure external access to company resources.

Hands off public cloud services

Groupware functions such as e-mail or calendars do not usually pose a major problem, as they are usually already available from any location via web clients and mobile apps. The situation is different, however, when it comes to exchanging files and documents. If companies want to give home office employees access to internal network drives, complex and costly VPN constructions are often required. Access from smartphones or tablets is usually not possible at all.

A modern alternative is offered by content collaboration solutions. They enable files to be retrieved and exchanged quickly, easily and independent of the end device by means of central online storage. They even increase efficiency and productivity through special functions for versioning, approvals or simultaneous editing of documents by several people.

The temptation to simply rely on one of the numerous public cloud storage services is great. However, companies are better off leaving it alone. These services are generally of US origin and are therefore subject to the US Cloud Act. This relatively new law entitles American authorities to demand that operators surrender all data relating to a person or company. This is not compatible with local data protection regulations such as the DSGVO and de facto forces companies to relinquish control over their often sensitive data. This has ultimately led to the Gaia-X initiative, which aims to create a secure and trustworthy data infrastructure for Europe.

It is therefore worth taking a closer look at the market and not being dazzled by big names. There are alternatives from Germany that enable companies to operate their own content collaboration solutions in secure and data protection-compliant private cloud environments. Open source providers such as ownCloud, a technology partner in the Gaia-X consortium, have a particular inherent strength in this respect: since the source code of their software is freely available, anyone can see for themselves whether it contains backdoors through which data can be leaked to unauthorized third parties. And when it comes to functionality, performance and user-friendliness, it has nothing to hide behind the Americans. Quite the opposite.

Tobias Gerlinger

March 12, 2020

Read now: