The early riser

Tobias Christen is the CEO and co-founder of the company DSwiss, which stands behind SecureSafe. In this interview, he explains how the importance of privacy protection has changed.

Which events of the past years stands out in your memory?

By far the most important event was the revelations of Edward Snowden. He made clear that mass surveillance can easily be exploited for the purposes of industrial espionage. We can draw two conclusions from these revelations:

1. All internet traffic is continuously being watched. This means that one must protect sensitive data with measures that go beyond HTTPS encryption.
2. Secure cloud services must specialise themselves in order to be able to ensure the needed level of privacy protection.

Not long ago, you saw Edward Snowden at a live broadcast as part of a Security Insight event. What was your impression?

In the presentation he gave, he struck me as a modest and authentic human being – as a human being that isn’t seduced by doctrines and hypes. Of course, I was particularly pleased to learn that we have already implemented all of his tips in our SecureSafe setup.

Where do you currently see the largest data protection challenge in companies?

Nowadays, many companies outsource certain services to external service providers. What stands out is that these external service providers are increasingly being bought up by American and Chinese corporations. This potentially means that the end-customer data is exposed to a higher level of risk – in particular when it comes to industrial espionage. A very effective protection against this risk is the “zero knowledge guarantee”. This ensures that no one but the end-customer can ever access the data, including external service providers.

Looking at the security setup of smaller companies, how would you estimate their data protection level?

SMEs oftentimes have local IT companies set up and run their IT. The security level that is offered here typically is limited to so-called perimeter security (firewalls) and, in the best-case scenarios, active server patch management. Furthermore, the data are stored in data centres, which are located in states that have only a very rudimentary data protection regulation put in place. In my opinion, this does not suffice for sensitive data.

How did the topic of hacking change over the years?

In the old days, cyber criminals were quite often isolated individuals with limited financial resources. They were principally motivated by curiosity, pride or revenge. Today, the offenders are mostly motivated by economical perspectives and they are often engaged by governments. This means that we increasingly see well-organised and well-founded groups at work.

Which further developments can we expect from SecureSafe in the near future?

The core business of DSwiss is privacy by design – with SecureSafe as our main product we want to stay the course and excel in offering “privacy protected storage”. On top of this, we continuously want to add value through features. A couple of years ago, we added the basis for a secure communication platform through the features of “SecureSend” and “Team Spaces”. We aim to once again be ahead of the curve by implementing digital workflows and the first full-text search function with complete privacy protection (= expansive search function working within an encrypted environment).

DSwiss also offers IT solutions, which are often used by banks. Are there special requirements when it comes to security in this context?

Banks have always been focused on a particularly high level of security. This is without a doubt one of the main reasons why they are attracted to DSwiss and what we have achieved with SecureSafe. Banks have very strong security processes put in place, which we must comply to for a cooperation to work. However, our zero knowledge architecture takes the confidentiality protection, which banks generally implement, to the next level.