The cloud isn’t as safe as you think; is end-to-end encryption the answer?

Not a week goes by that we don’t hear some news of a massive data leak, password exploit, or other security issue with a big-name company doing big business in the cloud. So how do you keep your own data and documents out of those headlines?

Ensafer is one approach to cloud security. It’s a product for end-to-end encryption — that means your stuff, whatever it is, stays encrypted through transporting, sharing, storing, etc.

“If you ever stored or shared a sensitive file using Dropbox or similar services, you know what we are talking about; that feeling — ‘Can I trust the cloud?'” said Dag Tore Aam, a VP for the company, in a recent email exchange with VentureBeat.

“In work life this problem is present in every organization; employees use cloud storage and sharing services that internal IT cannot control, the result is data gone astray.”

Invenia is the company behind the Ensafer product. Founded in 2007 at Norway’s University of Tromsø, the company spent years doing research and development around web-based software and resulting security issues and exploits. “Invenia has never had any other focus, the company lives and breathes encryption,” said Aam.

With Ensafer, encryption happens locally before a file is uploaded to the cloud, and decryption only happens locally on a user’s device.

“Using Ensafer with a major service means that the user has to make one decision only: What files should I protect?” said Aam. “When this is done the user simply places these files in the encrypted folder, and the file-sharing/storage service take care of everything else. Then you manage the encrypted files in e.g. Dropbox or Google Drive, as any other file. All complexity hidden.”

While many of us normal folks don’t think about security much day-to-day, True Ventures partner Tony Conrad said onstage in reviewing the product, “People identify problems that others don’t realize they have … We’re moving towards a world where people become a lot more cognizant of the risks of not [thinking about security].”

Invenia closed its first round of institutional funding in December 2011, with capital coming from angels, private investors, and employees. The startup is seeking a new round during the final months of 2012.

Invenia is one of more than 75 companies chosen by VentureBeat to launch at the DEMO Fall 2012 event taking place this week in Silicon Valley. After we make our selections, the chosen companies pay a fee to present. Our coverage of them remains objective.