Most collaboration service providers claim to be secure because they encrypt data “in transit” between users’ devices and their servers or between their own data centers, and “at rest” while stored on their servers. However, even with encryption in transit and at rest, servers can still access unencrypted customer content.
That’s right: The collaboration provider’s vulnerability to breaches becomes your vulnerability, making your attack surface significantly larger.
A vast improvement is end-to-end (E2E) security, a feature providing an extra layer of protection beyond standard security. With E2E security, data is encrypted ‘in use,’ meaning all customer data transmitted through a collaboration service provider is encrypted before being sent, so that components—on-premise or in the cloud—only handle customer data in a safe, encrypted form.
So even if one of these components is fully compromised—a situation where those systems that only encrypt data at rest or in transit would fail—the attacker still can’t access customer data, because it’s truly encrypted end-to-end.
With E2E security, data is encrypted ‘in use,’ meaning all customer data transmitted through a collaboration service provider is encrypted before being sent
