Skip to main content Scroll Top

Cloud data encryption with CENTRAYA

Centraya – because it’s your data

In every boardroom, cloud is the answer: faster projects, global collaboration, powerful SaaS for CRM, HR, service management and analytics.  But there’s one uncomfortable question that never really goes away:

“Who actually controls our data once it leaves our infrastructure?”

If your customer records, employee data, IP or patient information are sitting in someone else’s data center – possibly in another jurisdiction – you’re relying on contracts, goodwill and hope. That’s not a security strategy. And under regulations like GDPR, FINMA, EBA and others, “we hope it’s safe” is not a valid argument.

That’s exactly the problem Centraya (by e3) solves.

Meet Centraya – Data protection in the cloud, on your terms

Centraya is a European Cloud Access Security Broker (CASB) engineered in Switzerland to protect sensitive data before it ever reaches the cloud.

Think of it as a smart, high-speed encryption gateway sitting between your users and your cloud applications:

  • Your CRM, HR or any other cloud app still works as usual.
  • Your users keep their familiar interface and workflows.
  • But the sensitive fields and files they work with are encrypted in transit, under your control, with your keys.

Salesforce, Microsoft Dynamics, ServiceNow, SAP, HR systems, custom apps – if it’s a cloud or hybrid application, Centraya can protect the data flowing through it.

From the cloud provider’s perspective, your most valuable information is just encrypted content – unreadable, unusable and safe from prying eyes.

You own the keys. Full stop.

Most “secure” cloud scenarios stop at: bring your own key. You still depend on someone else’s key management, someone else’s HSM, someone else’s processes.

Centraya takes a fundamentally different approach:

  • Centraya comes with all the protection mechanisms – but no keys.
  • Only you generate the keys. Only you own them.
  • There is no master key and no backdoor for a provider, vendor, or government agency.

This is what we call Bring Your Own Encryption: you control

  1. the key,
  2. the encryption mechanism, and
  3. the location where encryption happens – on your infrastructure, under your policies.

The result? Even if a cloud provider, hyperscaler, or foreign authority has physical access to your data, they still don’t have what matters: the decryption keys.

Protection Domain Technology – security that scales with your business

Traditional CASBs often use one key per application or even one key per tenant. That may be simple, but it’s not what you’d call “defense in depth”.

Centraya’s Protection Domain Technology lets you define the level of granularity that matches your risk and compliance profile:

  • One key per application
  • Or per record / field
  • Or per user / employee
  • Or any combination of the above – and at massive scale

Example:
100 employees working in a CRM with 10 protected fields? Centraya can transparently manage 1,000 keys for that single app – automatically.

You get:

  • Strong cryptographic separation between data sets
  • Fine-grained revocation and key rotation
  • Tailor-made protection for high-risk data (VIP customers, R&D, executives, health data, etc.)

All of that without drowning your security team in manual key management.

Faster than a blink: high performance by design

Security that slows people down will be circumvented. Period.

The design goal for Centraya is simple: secure cloud usage – without slowing it down.

  • A human blink takes ~300 ms.
  • Centraya typically encrypts and decrypts your data in less than 10 ms on average in performance tests.

That means:

  • Your sales team doesn’t notice anything while working in CRM.
  • Your HR specialists see the same screens they’re used to.
  • Your service and support staff keep their responsiveness.

For users, Centraya is invisible. For attackers – and for anyone who’s not authorized – it’s an impenetrable wall.

100% Swiss made – and independent

Centraya is entirely developed in Switzerland; technical support is Swiss-based too.

That matters for three reasons:

  1. Legal independence
    You get a solution designed in a jurisdiction that’s not bound by the same disclosure obligations as certain major cloud nations. Our goal: we do not, and cannot, be forced to hand over your secrets.

  2. Engineering quality
    Swiss engineering is more than a label – it’s a mindset: precision, reliability, longevity. Centraya is built to be a strategic security component, not a disposable gadget.

  3. Trusted support
    Security is about people as much as technology. You get direct access to experts who understand encryption, regulation and cloud architectures – not just a generic helpdesk.

A platform for all your cloud applications

Modern organizations rarely use “a cloud”. They use many:

  • CRM in one cloud
  • HR in another
  • Service management somewhere else
  • Analytics, collaboration, sector-specific SaaS – all over the place

Centraya is built as a platform to cover this multi-cloud reality:

  • A central gateway that you deploy on-premises, in your DMZ, or hosted – whichever fits your architecture best.
  • Ready-made protection profiles for major applications like Salesforce, Microsoft Dynamics, SugarCRM and more.
  • A powerful Profile Generator / Inspection Mode that lets you secure any cloud app:
    • Point Centraya at the application
    • Browse the fields
    • Select what needs protection
    • Choose encryption, masking, tokenization, etc.
    • Done – the profile can be deployed with a click.

One platform. Any app. A consistent security model across your entire cloud landscape.

What Centraya delivers for your business

1. GDPR-grade protection – everywhere your data goes

Centraya helps you enforce strong technical measures for personal data, as demanded by GDPR and other regulations:

  • Personal data encrypted at field level, before entering SaaS
  • Strict control over who sees cleartext – and who never does
  • Simplified audits, because encrypted and unencrypted data are treated differently from a compliance standpoint

You show regulators and customers that you don’t just talk about data protection – you’ve built it into your architecture.

2. Zero Trust – extended to the data layer

Many organizations have already embraced Zero Trust for networks and identities. Centraya takes the same principle and applies it to the data itself:

  • Assume no provider, network, or external system is trustworthy by default.
  • Encrypt data close to the user, under your control.
  • Let cloud providers run the application – without ever seeing your crown jewels in cleartext.

3. Protection against ransomware, insiders and “AI hunger”

  • If ransomware actors exfiltrate your cloud data, Centraya’s encryption makes it worthless to them.
  • Malicious insiders at providers can see tables, not meaning.
  • And even if someone uses your SaaS data to train AI models, Centraya ensures they only get encrypted “noise” instead of real business secrets.

4. Secure migrations and exit strategies

If a provider disappoints – on price, performance or trust – encrypted data gives you freedom:

  • You can switch providers and leave encrypted data behind.
  • Without your keys, the old provider has nothing usable.

You’re no longer locked in by fear of where your historic data sits.

5. Sector-specific confidence

Centraya is a strong fit wherever data is sensitive and heavily regulated:

  • Financial services – meet FINMA, EBA, CFTC and other supervisory expectations on data handling and storage.
  • Healthcare – protect electronic patient data and integrate an extra security layer into standards like FHIR.
  • Manufacturing & R&D – secure IP, prototypes, formulas and design data without needing separate “secret networks”.
  • Public sector – keep citizen data confidential, even when leveraging commercial cloud services.

Easy adoption, minimal disruption

Security projects fail when they demand that everyone change how they work. Centraya is explicitly designed not to do that.

  • Transparent for end users
    They keep their existing cloud UI and workflows. Centraya works in the background as a gateway. Centraya+1

  • Straightforward for admins
    Enterprise staging, profiles and inspection mode support a clean progression from test to production – without re-doing everything manually. Centraya

  • Flexible deployment
    On-premises, private cloud, hybrid, public or multi-cloud: Centraya can be placed where it best fits your security and network architecture. e3 AG+1

You’re not buying a point product – you’re adding a controllable, long-term security layer to your digital strategy.

In one sentence

Centraya lets you exploit the full power of the cloud – CRM, HR, service management, custom SaaS and more – without ever giving up control over your data, your keys or your compliance posture.

Ready to talk about your data in the cloud?

If you’re…

  • Moving more critical workloads to SaaS
  • Worried about GDPR, regulator pressure or cross-border data access
  • Looking for a realistic way to implement data-level Zero Trust
  • Or simply tired of trusting that “the provider will take care of it”

…then it’s time to look at Centraya in action.

More information and a demo request:

Let’s make sure your cloud strategy is ambitious, agile – and truly yours.

    Hidden fields
    GET IN TOUCH
    CONTACT US

    Philitelaan 57
    5717 AK Eindhoven
    The Netherlands

    Phone: +31 (0)85 065 5254

    Email: info@e3benelux.eu

    We’re glad you find our content valuable. Please note that the material on this website is protected by copyright and may not be copied or reused without prior permission. If you’re interested in using our content, feel free to contact us—we’re happy to discuss proper use