Security by Sweden – Clavister’s European approach to protecting European data
John Vestberg, CEO, Clavister
We believe that now, more than ever, robust cybersecurity is everybody’s business – whatever business they’re in. A growing number of cyber-attacks and data breaches means an organisation’s infrastructure, and the data it holds, are increasingly at risk of exposure. And, with the requirement by certain major governments for the provision of “backdoors”, it’s not just criminals that are able to access that data.
Clavister is committed to ensuring the integrity and security of our customers’ data and infrastructure at all times. Founded and headquartered in Sweden, our proprietary operating system and solutions are designed, developed, and operated completely within the EU, and deliberately avoid public cloud providers. This guarantees that our customers’ data won’t be exposed to foreign entities and the uncertainty of non-EU legislation – we don’t have to conform with the PATRIOT Act, there’s no spyware, there’s no compromise, and there are no backdoors. It’s what we like to call “Security by Sweden”.
Threats to data privacy
Strict regulatory governance by some of the world’s cybersecurity “superpowers” can have serious implications for the privacy of an organisation’s corporate and personal information.
China’s cybersecurity law, for example, which came into effect in 2017, allows authorities to carry out spot-checks on an organisation’s network operations, and requires service providers to allow full access to data upon request. Similarly, a draft bill by the Israeli Prime Minister’s Office proposes powers under which the Government can gain direct access to an organisation’s systems and data if deemed to be valuable for cyber-defence purposes.
In the US, companies are required to comply with regulations such as the CLOUD Act and US PATRIOT Act, both of which pose a risk to the privacy of data from anywhere outside the country. They require that a backdoor must be built into every application or solution built in the US – whether it’s for cybersecurity, hosting, or collaboration – through which third-parties can access data, often without the owner ever knowing.
What’s more, all American IaaS cloud providers are required by law to keep a significant amount of sensitive information on their foreign customers – ranging from names and email addresses to national identification numbers and IP addresses – in order to assist US authorities in their hunt for cyber criminals. When you consider that these cloud providers include AWS, Microsoft Azure, and Google Cloud, the impact this order can have on citizens and companies around the world is clearly significant.
With Clavister’s Security by Sweden approach, however, there is an alternative.
Choosing a European host
Rather than risking the privacy of their data with hosts based on other continents, European businesses should consider housing that data with European-based providers instead. They should also ensure that any third-party software and service providers they use are based in the region, with no infrastructure links to or partnerships with China, Israel, or the US.
Choosing a European host has additional advantages, too. For one thing, it offers the additional peace of mind that an organisation’s data, and that of its customers, will be fully protected by the GDPR, one of the most stringent data protections regulations in existence today. And, of course, an organisation’s cybersecurity challenges will always be best addressed by a host that understands that organisation, its language, its culture, and the regulatory environment in which it operates.
Clavister is one such host. Being based in Europe means our experts remain close to our European customers, allowing them to enjoy direct access to the deep technical know-how of our developers. It also means we’re subject to EU legislation only. By keeping our operations within the region, and by deliberately avoiding using the dominant public cloud providers, we’re able to deliver on our “no backdoors” policy.
Securing the future
Achieving our vision of an all-communicating world based on trust and security depends on continuous technological innovation, and robust solutions that can protect against cyber-attacks both now and in the future.
As a member of the European Cyber Security Organisation (ECSO), and with ISO 9001 certification, the quality of Clavister’s technology is assured. Our solutions are based on our own proprietary operating system, so we can avoid the flaws occasionally found in non-specialist or open-source operating systems. And we’re always investing in securing the future, constantly advancing our technology, and the way we make it available, so that our customers can meet the demands of the ever-changing threat landscape with confidence. Everything we do is based on the belief that your data is yours and yours alone. Only you have the right to access it and view it. We believe robust cybersecurity is everybody’s business. With our European-based, proprietary technology, and our Security by Sweden approach, Clavister makes it our business.