Claus-Peter Beringer, Eclipso: “personal data must be protected as much as possible in all areas of life”
With projects like Metaverse accelerating at a frightening pace, the lines between what is public and what is private are blurring. Many of us are becoming wary of handing our personal data to whoever asks for it, and are looking for solutions that put privacy first.
Personal data has become a currency by now, especially when it comes to free products or services. Like the saying goes – if it’s free, the user is the product. Many commercial SaaS products focused on privacy still require at least some kind of personal identification in order to be usable.
That’s why Cybernews reached out to Claus-Peter Beringer, the Founder and Owner of Eclipso, a secure mail and cloud provider, to talk about protecting personal data in the world which makes it difficult to do so, and about old and emerging threats that email and cloud users face.
Let’s go back to the beginning of Eclipso. How did the idea for this project come about?
First of all, many thanks to the Cybernews team for giving me the opportunity to present my heart's desire here.
A few years ago, I was (again) looking for a new email provider. The providers that I ran into during my research were not at all what I had imagined.
Sometimes it was too complicated to use, sometimes it was simply too expensive, and with most of them, you had to enter so much personal data that I thought to myself: Hey, I just want an email address, not to take out a loan or buy a house right away. It has to be easier, safer, and different. Providers outside of Europe were generally out of the question for me, as it is important to me either to have a contact person or to receive qualified support.
So the idea came up to build an e-mail service according to my own ideas and concept. Since I also wanted to create a brand with recognition value, the art term "eclipso" came about during a nice evening with friends. We explain exactly what "eclipso" means on our website in the "About us" area.
In the beginning, it was a part-time project, but friends and family quickly joined as users and gradually the first customers.
Can you tell us a little bit about what you do? What issues do your products help solve?
With just one login and under one roof, eclipso Mail & Cloud offers all the tools & apps you need for modern communication and organization.
You do all of your written communication on a single platform because, in addition to our core product, e-mail, letters, faxes, and SMS can also be conveniently sent online with the eclipso Post Office.
Photos, files, and documents are stored and shared in the eclipso Cloud.
With eclipso Office you can manage your appointments in the calendar, record tasks and notes, and bookmark your favorite websites online.
Over the years and at the suggestion of customers, many useful functions have been added to the original idea of an email service that fits well with the topic.
Ease of use, protection of privacy, security, data protection, transparency, customer orientation, useful applications, and a simple and well-thought-out price model are the cornerstones of our actions.
It is evident that being transparent and environmentally friendly is important for Eclipso. Would you like to share more about your vision?
In an increasingly complicated world, people want simple, transparent, and environmentally friendly solutions. That's why we rely on a simple pricing model without an automatically recurring subscription with transparent and clearly structured prices. For example, if a customer buys one of our value-added tariffs Connect, Premium, or Business, the term is always limited to one year and is billed with a one-off payment. Shortly before the end of the booking period, the customer receives a reminder email and can then extend the term himself.
This may seem unusual at first, but our experience shows that customers are happy to take advantage of the term extension because you have control over costs and expenses at all times. Elsewhere, people sign up for an indefinite subscription and often find it difficult to get out of these contracts and, even after a long search, often find no way to easily cancel their subscription.
As an email provider and provider of cloud and communication services, we are aware of our responsibility and rely on sustainable business processes in our company. We know that providing and using our Services has an impact on the environment. However, if you look at the possibilities, tools, and functions that can be used centrally in one place, the advantages and direct benefits for the environment are obvious.
Central management of all correspondence, no unnecessary trips to the post office, no stamps, largely avoidable visits to the authorities, and much more. By using our online services you can positively influence your own carbon footprint.
How did the pandemic affect the email security landscape? Were there any new features added to your services as a result?
We currently see no direct connection that the pandemic should have had a direct impact on security within the email landscape. Services that previously did not value security and data protection may have had problems. The situation may be different for companies that increasingly let their employees work from home during the pandemic. Training employees in the correct handling of e-mails and the right equipment for software and hardware can have a risk-avoiding effect here.
As a provider, however, we have focused on the topics of security and data protection right from the start. That's why we see ourselves in a good position here.
The topic of encryption will continue to occupy us. Unfortunately, the current options (e.g. email encryption with PGP or S/MIME) are still too complicated to handle and not yet widespread enough.
A simple, open, cross-platform, and cross-system solution – as email actually is in the conventional sense – is currently completely missing when it comes to data encryption.
When talking about cyber threats carried out via email, what are the most common ones today?
Unfortunately, identity theft is a topic that is currently receiving increasing attention. Some people are just too careless when it comes to handling their personal data. If you like, we also record the classic phishing attempts, optically fake emails (e.g. from banks), or clumsy blackmail attempts that suggest to the recipient that the sender should actually have access to her personal data.
To support our customers, we have implemented some security mechanisms, e.g. we block external links, images, and scripts in emails by default in our web version. So you have to make a conscious decision as to whether you actually want to allow external content.
What sectors (for example, financial, healthcare, etc.) do you think require communication security solutions to be tailored specifically to them?
First of all, the top priority must be protecting Personal data as much as possible in all areas of life. No matter in which industry, whether public sector or private sector.
Particularly sensitive data must also be subject to special protection. This should always be taken into account during planning and design.
Despite its advantages, the cloud is still not a widespread security option. Why do you think companies are hesitant to fully move to the cloud?
Keeping control of data and data infrastructure in your own hands is a conscious decision. Even if the cloud offers many advantages, I believe it is wrong to simply delegate control of data and infrastructure to someone else.
The pure cost-benefit calculation may only play a subordinate role here. When calculating, it is often forgotten that outsourcing to the cloud also entails follow-up costs, some of which cannot be calculated.
As a convinced European and certified external data protection officer, I naturally prefer the strategy of staying as local as possible and hosting data exclusively in Germany/Europe. The EU General Data Protection Regulation in conjunction with the German data protection laws is an effective means of ensuring that data is processed and stored securely.
Besides email security solutions, what other security measures do you think modern companies should invest in?
As already mentioned, modern companies should always invest in the most important asset first: their employees. The correct handling of personal data, the correct handling of emails, and which tools and apps can be used in compliance with data protection and security.
There should also be a self-commitment to data avoidance, data minimization, and data economy in every company. The less data you have stored, the less interesting you become for criminals.
Just because you've been using certain tools and apps out of habit for a while doesn't mean they're the right ones. Sometimes you have to do some research and searching, but nowadays almost all applications have privacy-friendly alternatives.
Can you give us a sneak peek into some of your future plans for Eclipso?
As an independent provider of privacy-friendly cloud and communication services, we ensure that you can communicate and share content with others easily, securely, and privacy-friendly.
It is planned to expand eclipso Mail & Cloud with collaboration functions so that teams can also work together in a sensible and data protection-friendly manner.