Many cloud services do not adequately protect your privacy because they only use HTTPS encryption. With end-to-end encryption, Versiobit ensures the highest level of data protection and enables you to process data in compliance with the GDPR.
What is End-to-End Encryption?
While most cloud services advertise encryption, they often limit themselves to standard HTTPS encryption, which secures only the transmission of your data over the internet. In essence, the provider processes your data without encryption, granting them full access to your sensitive information.
End-to-End Encryption, on the other hand, ensures that sensitive data is encrypted directly on the user's device. The IT operator has no access to the encryption keys, thus preventing access to confidential data.
Overview of Encryption Levels:
| Protection against eavesdropping on the internet | Protection in case of theft of IT operator's disks | Zero Trust – Operator has no access | Protection against hacker intrusion at the operator | |
|---|---|---|---|---|
| HTTPS | ✅ | □ | □ | □ |
| At-Rest (IT Operator's Disk Encryption) | □ | ✅ | □ | □ |
| End-to-End Encryption | ✅ | ✅ | ✅ | ✅ |
Hence, it's vital to scrutinize what a provider means by encryption and ask:
Are my sensitive data exclusively processed in encrypted form?
Benefits of End-to-End Encryption
End-to-End Encryption provides the highest level of data protection in the cloud.
Zero Trust
Even we, as operators, have no access to your data. This means that even our own employees, whether administrators or support staff, cannot access your data. Your critical business information remains secure from unauthorized access.Protection against hackers
No cloud service is 100% immune to hacker attacks, as evidenced by successful breaches of other cloud services in the past. In the event of a successful intrusion, your sensitive data remains unreadable and unusable for attackers, thanks to End-to-End Encryption.Additional HTTPS Security
We enhance your internet communication security with HTTPS. This allows you to confidently access versiobit.com, even in insecure public Wi-Fi networks.
Security of our Encryption Procedure
We rely on the proven AES 256-bit encryption in the particularly secure GCM mode.
The AES-256-GCM process complies with the current recommendations of the National Institute of Standards and Technology (NIST). Thanks to its 256-bit key length, AES remains highly secure even against attacks by future quantum computers. While asymmetric encryption methods (e.g., RSA) can be severely compromised by Shor's algorithm, Grover's algorithm only provides a quadratic speedup for key searches in symmetric methods like AES-256. Consequently, 256-bit keys remain extremely robust, even in a post-quantum scenario.
In addition, the GCM mode not only ensures confidentiality but also protects your data from tampering. Its built-in integrity check prevents attackers from altering data undetected. Since every encryption operation requires a unique initialization vector (nonce), we pay special attention to ensuring no nonce is ever reused. This is the only way to maintain the security of the procedure in all situations.
Our encryption mechanism can be deployed as a standalone component for straightforward verification. For enterprise customers, we offer dedicated hardware solutions, enabling your administrators to independently monitor the security of your data.
End-to-End Encryption at Versiobit
Our cloud storage provides end-to-end encryption based on AES by default. AES-256-GCM has been regarded as one of the most secure standards for years, and it meets all requirements for state-of-the-art data security—both today and in light of potential future quantum computers. All sensitive data, including directory names, file names, dates, and file contents, is encrypted on your device before transmission.
Your password, serving as the encryption key, never leaves your device. Only you have control over it, meaning that only you can decrypt your data. To ensure maximum security, we strongly recommend using a long and complex password. At Versiobit, we have no means to recover your data without your password.