Syncplicity Security and Control Features

Transcription

1 Abstract This paper describes EMC Syncplicity security features and controls for protecting enterprise data at the user, device, file, and folder level. Last Updated: March 2015

2 Copyright 2015 EMC Corporation. All Rights Reserved. EMC believes the information in this publication is accurate as of its publication date. The information is subject to change without notice. The information in this publication is provided as is. EMC Corporation makes no representations or warranties of any kind with respect to the information in this publication, and specifically disclaims implied warranties of merchantability or fitness for a particular purpose. Use, copying, and distribution of any EMC software described in this publication requires an applicable software license. For the most up- to- date listing of EMC product names, see EMC Corporation Trademarks on EMC.com. White Paper H

3 Table of Contents Purpose... 4 Syncplicity Overview... 5 Syncplicity Architecture... 6 End- To- End Encryption... 7 Orchestration Layer Data Storage... 7 Syncplicity Approach to Security User- Level Security and Controls... 9 Authentication... 9 Administration Device- Level Security and Controls Authentication Access Policies Encryption Administration Mobile Device Management Folder- Level Security and Controls Folder Sharing Folder Data (File) Protection File- Level Security and Controls Encryption Storage Control File Contents Protection Administration Reporting and Monitoring Third- Party Security Testing Privacy Certifications and Compliance Additional Information

4 Purpose The trends leading up to 2015 are clear - the velocity and costs of disclosed security breaches are at the highest levels the industry has seen. Today s security officer needs to strike a balance between delivering business productivity and securing enterprise information. Syncplicity provides a protection- by- enablement strategy that mitigates the risk of end- users bringing their own cloud- based file sync and share solutions into the enterprise. Ensuring the confidentiality, privacy, integrity, and availability of customer data is of the utmost importance. Syncplicity delivers a highly secure file sync and share service built to meet the requirements of enterprises. Syncplicity uses multiple layers of protection and defense- in- depth to ensure end- to- end protection of files and confidential data. The purpose of this paper is to detail the information security architecture and capabilities of Syncplicity. 4

5 Syncplicity Overview Syncplicity is an easy- to- use, enterprise- grade file sync and share solution. Our vision is to redefine Files for the mobile workforce. Unlike other solutions: Users get improved productivity from access and sharing of all their files from all their devices automatically, with no extra steps. IT gets control over all of the content that currently exists in unmanaged locations like attachments, local desktop folders, and consumer cloud services. IT gets strong security, controls and storage flexibility to protect corporate files and adhere to compliance requirements. Figure 1. Syncplicity Functional Architecture 5

6 Key components of the Syncplicity functional architecture are shown in Figure 1 and include: A frictionless user experience. Syncplicity allows users to easily access and share files from all of their devices with a highly- optimized and native user experience on every major device platform. This is critical for driving end- user adoption and improving organizational security by reducing dependence on attachments and consumer- grade online file sharing solutions. A comprehensive set of security features and controls. Security and controls at the user, device, folder, and file level give IT the tools and infrastructure integration to deploy the solution with confidence and maintain control of and visibility into large- scale file sharing. Enterprise- grade administration and control features. Administration, support, and reporting features give IT the tools they need to deploy and support Syncplicity at scale. StorageVaults provide flexibility to ensure security and compliance. Syncplicity StorageVaults provide a policy- driven hybrid cloud that gives IT the control it needs over data storage and residency to meet internal and industry regulations for file handling and data residency. Using StorageVaults, organizations can configure Syncplicity to store file versions and history in multiple storage arrays at the same time, based on user, group, and folder policies. No silos approach to enterprise content sources. Syncplicity Panorama provides mobile, VPN- less access to enterprise content stored in SharePoint, File Shares, and Home Directories. This enables IT to give end- users mobile access to content without having to migrate it. Rights Management. With Secure Shared Files, recipients receive a protected copy of a file (including watermarks, allowing screen capture, allowing printing, allowing offline access, and etc). The Syncplicity Secure Shared File feature protects the file so that it remains protected even after users download it. Syncplicity Architecture The Syncplicity logical architecture is comprised of a few primary components: A cloud- based orchestration layer that controls the sync process, enabling sharing of files and folders between users and devices. This is a multi- tenant cloud- based service that is common across all Syncplicity customers. Syncplicity StorageVaults control where files (and past file versions) are stored in Syncplicity. This layer is single- tenant for customers that choose on premise storage and is multi- tenant for customers using Syncplicity s public cloud storage. The storage layer is the actual physical storage that the StorageVaults point to and where files are actually stored. 6

7 IMPORTANT: When a user or device needs to receive a file, the file is sent directly from the storage and compute layers to the device, not through the orchestration layer. Figure 2 illustrates these components and how data/files flows between them. End- To- End Encryption Figure 2. Syncplicity Architecture Encryption of files in transit is done through TLS/SSL via HTTPS traffic. Unlike our competition, files are encrypted at rest on mobile devices. Encryption at rest in our data store is done using encryption keys that are stored in a separate data store from all user- specific information and metadata in the orchestration layer. The orchestration layer is decoupled from the storage layer at the service provider site, which is an opaque store for raw files. Orchestration Layer Data Storage Data stored in the orchestration layer is minimal, and includes: File name, creation date, size, SHA- 256 hash Storage information (# of chunks, chunk size, encryption key, data length after encryption/compression) Virtual path relative to the sync point root Full path to where synched and shared folders are mapped on the user s machines Information such as file size, SHA- 256 hash, and encryption keys are stored in separate databases from all user- specific information. 7

8 Syncplicity Approach to Security There are several guiding principles for how we approach enterprise- grade security: You own the data. As recent news stories have demonstrated, one of the biggest inhibitors to cloud adoption is the question of who owns or has access to customer data. We make it completely clear that we do not own customer data, can t use customer data, and can t even see customer data. Make security as seamless as possible. There are many ways to enhance security while making the user experience easy. Single sign on (SSO) is an obvious approach to reduce user friction and keep users happy. We always look to reuse our customer s existing security infrastructure rather than replicate it. Centralize policies. Use of centralized policies offers security and compliance without requiring users or IT to take extra steps. We d rather have you set a policy for external folder sharing than make users ask admins to set up secure workspaces. Make compliance policy- driven. One of the most important aspects to corporate and regulatory compliance and security is data location. But it does no good if users have to think about it and change their behavior. Policy- driven approaches ensure compliance without impacting the user experience. Protect by enabling (and monitoring). Ironically, sometimes the best way to secure a process is to not lock it down, but allow it to happen with the proper controls and IT reporting in place. When users go to consumer products, data is at risk and IT doesn t even know about it. Meaningful and automatic reporting gives IT a way to manage the unmanageable. Trust but verify. There is a veritable alphabet soup of certifications and attestations that cloud vendors can go through. We will go through the process of gaining relevant certifications. Security, privacy, and compliance should not interfere with user experience. It is not only possible to build security features and controls that don t create friction for users, but they can also enhance user productivity. Be as restrictive or permissive as your business demands. Every organization has varying requirements for security and compliance. IT administrators and security professionals should be able to fine- tune security policies and controls to meet the needs of their business, and their users. Security features don t matter if users go around them. attachments and consumer- grade cloud services have created huge risk for enterprises. The only way to mitigate this risk is to give users consumer- grade experiences that make their jobs easier, while still complying with enterprise- grade security requirements. And if IT does not meet these needs, users will go around them. The cloud is the future, and it can be secure. Cloud- based SaaS applications are the way that technology will be deployed and consumed by users and organizations. One of our key missions is to make the cloud one of the most secure deployment models that exist. All content is not created equal. While SaaS is the future, storing data in the cloud is only one of several deployment options for cloud applications. We believe organizations should have complete flexibility in where data is stored. Furthermore, centralized policies that are completely invisible to the user should automate how and where data is stored. 8

9 With regard to specific features and controls, Syncplicity was developed to offer protection and control of company data in four key areas: User- level security. Protecting user accounts and data from access Device- level security. Protecting accounts and files in Syncplicity on desktop client apps and mobile apps Folder- level security. Security and control regarding the sharing of folders inside and outside the organization File- level security. Providing security and control of files and file content in transit and at rest The following four sections provide details on how we protect at each of these levels. User- Level Security and Controls Authentication Single sign on (Active Directory or any SAML- based authentication). Authentication can be completely delegated to the customer s AD/LDAP by leveraging federated authentication (Figure 3). With a customer- managed SAML identity provider, users no longer enter their Syncplicity username and password to access Syncplicity on the desktop, the web, and mobile devices. Instead, they leverage their existing corporate credentials to log in and, in many cases, do so in a completely transparent way with absolutely no forms to fill out. o Because authentication is delegated to secure, authorized servers outside of Syncplicity s control, Syncplicity servers are never privy to corporate passwords authentication credentials remain squarely in the control of the corporate system. o Organizations can take control of their passwords by implementing strong password policies, password expiration timeframes, and repeat use policies using their existing authentication infrastructure o SAML initiated logins are controlled through customer managed IDP at first login of the Syncplicity desktop and/or mobile client(s). Once authenticated the Syncplicity clients do not require future user re- authentication and authentication is managed using a combination of a long long- lived machine token and short- lived session tokens. 9

10 The machine tokens are long- lived and stored using each client OS APIs for credential storage, though users can easily deactivate them to revoke access to their Syncplicity account from that device. For a sync operation (upload, download, share etc.) the client uses a short- lived session token valid for approximately 75 minutes after which the session token is rotated. o The web client (my.syncplicity.com) uses a cookie- based token that has a 30 min inactivity timer. o Multi- factor authentication Using a SAML identity provider (IdP), Syncplicity supports multi- factor authentication such as one- time- passwords and PKI certificates. Figure 3. Syncplicity SSO Authentication Flow Active Directory Sync (provisioning and de- provisioning). Syncplicity supports integration with OneLogin, Okta, and Ping Identity to offer automated provisioning and de- provisioning of user accounts from Active Directory. o Provide instant access to Syncplicity when a new user is created in Active Directory o Revoke access to Syncplicity immediately when a user s account is deactivated or deleted in Active Directory o Provision Syncplicity to specific groups like marketing or engineering directly from Active Directory o Roll out Syncplicity progressively to groups or organization units defined in Active Directory 10

11 o Map Syncplicity account provisioning to Active Directory groups, making it easier to manage licensing and resources. o Remote wipe automatically when an account is deleted in Active Directory, permanently removing files from all connected devices Administrator domain restrictions. Syncplicity can be configured to require admins to only access the Administration Console from specified domains. Administrator password complexity policy. Enforce password complexity policies for administrator passwords to provide an extra layer of protection for admin accounts. Secure password storage For non- SAML accounts, Syncplicity enforces a minimum length and complexity on user- generated passwords and the credentials are stored as a salted SHA- 256 hash. The password is never stored by Syncplicity for authentication purposes. Account lockout on multiple failed authentication requests. User accounts are temporarily locked after five consecutive unsuccessful login attempts. Administration Ranked Group Policy Sets. Create sets of policies (user, device, folder, and file) that are applied to users in ranked order, giving granular control over all policies at the group level. Ranked Storage Sets. Gives granular control over where Syncplicity stores files for users based on group membership. User management. Easily manage user account set up and support. o Preconfigure user accounts to ensure that certain folders are synced by default (e.g., Documents, etc.) o Access user accounts to support users and access content o Delete or suspend user accounts Group management. Set policies that enable deployment to user groups at scale. o Automatic folder sharing allows admins to ensure that members of user groups gain immediate access to folders that are shared with the group. o Automatic folder de- provisioning on role change ensures that users are removed from shared folder access when the user is removed from a group. This works in conjunction with folder remote wipe policies to permanently delete files and folders from user accounts when they are removed from a group. 11

12 o Storage quotas can be set for users in each group to limit the amount of content that different users can add to the service. Administrator- driven user account remote wipe. Administrators can remote wipe user accounts, disabling user access to Syncplicity accounts from any device. User account remote wipe policy. Set a policy for what happens to user data and files when an account is deleted. Data and files can be left on devices or permanently remote- wiped from those devices automatically. Free account restrictions. Administrators have ability to restrict users from signing up for free (consumer) Syncplicity accounts on their own using their business account. IP Based Restriction - By default, Syncplicity allows administrators to perform admin actions from any IP address. This setting allows organizations to ensure that company administrators are using an approved IP address when performing admin actions via My Syncplicity or via API calls. Ranges of approved IP addresses and a custom error message can be specified. Device- Level Security and Controls Authentication Optional 2- factor authentication. In conjunction with a customer- managed SAML identity provider, customers can distinguish between devices managed by a Mobile Device Management (MDM) solution and non- MDM secured devices by using the MDM to push a client certificate onto the mobile device, enabling 2- factor authentication. o As part of the SAML authentication process, the SAML identity provider should be configured to check for a valid client certificate as well as the user name and password for the user. Devices without the proper certificate will be denied authentication and binding. Customers will need to work with the SAML identity provider and MDM of their choice to perform the proper configuration of this type of authentication. o This works with any MDM solution, not just MDM solutions that have been fully integrated with Syncplicity. MDM delegated authentication. Configure Syncplicity for ios and Android to utilize Good Dynamics for authentication (see Mobile Device Management below). Mobile device passcode. Set an optional four- digit passcode that is required for access to Syncplicity on mobile devices. Failure to type the correct code 10 times will result in the account and all files being permanently deleted from the device. 12

13 Access Policies Client desktop Active Directory restriction policy By default, Syncplicity allows users to register any computer with their account and start synchronizing folders. This policy setting restricts access to the Syncplicity service to computers that are joined to specified Active Directory domains. Website access policy - By default, Syncplicity allows users to access their account in a web browser. Such access gives users the ability to view their news feed, browse and download files, change their personal information, deactivate computers, and perform other actions. This policy setting allows organizations to restrict access to the website only to computers that have been authorized to run the Syncplicity client and ensures the website can only be launched directly from the client using the "Browse to My Syncplicity" link. This policy setting is useful especially in conjunction with the "Active Directory Restriction Policy" to restrict access to Syncplicity from public kiosks. Mobile application access policy - By default, Syncplicity allows users to access their account using Syncplicity's native mobile applications for iphone, ipads, and ipod Touch. Such access gives users the ability to view their news feed, browse and download files, and perform other actions. This policy setting prevents users from connecting to their Syncplicity accounts from their mobile devices. If the policy is set to Access from Syncplicity s native mobile applications is restricted, no users within the organization will be able to use Syncplicity s mobile apps including all users who are already using a mobile app. This policy does not affect the ability of users to access their accounts via mobile web browsers. Website access is controlled through the website access policy. Concurrent Use Restriction - Administrators can define what measures Syncplicity should take when concurrent use of a device from multiple locations is detected. Admins can disable a user, block user transactions, send an notification to both the user and administrators or send an to administrators only. Concurrent use of a device from multiple locations can indicate that an account is being accessed by another user and therefore compromised. Encryption Encryption at rest on mobile devices. Unlike our competition, files are encrypted at rest on mobile devices using AES 256- bit encryption. Customers using MDM integration with Good Technology leverage a FIPS certified container. Encryption at rest on Windows and Mac. Syncplicity does not offer native encryption on desktops. However, organizations that implement hard- drive encryption or other endpoint encryption services may use the Syncplicity client with no negative disruptions. Administration Device remote wipe policy. Set a policy for what happens to files when a device is removed from a user account. Files can be left on devices or permanently remote- wiped from those devices automatically. 13

14 Mobile synchronization policies. Control the sync process to better manage mobile devices and enforce security standards o Mobile device synchronization policy. Enable or restrict push synchronization to mobile devices o Android SD card synchronization policy. Enable or restrict Android users from saving Syncplicity files on an SD card o Mobile synchronization limits. Set file size limits for mobile push synchronization o Mobile sync settings (Wi- Fi or wireless). Determine whether mobile push synchronization will work over Wi- Fi and/or wireless connections Registration wizard configuration Determines whether the user is given the option to configure folders to synchronize and share or to skip user configuration and only use the administrator preconfigured folders and shares Client Update Policy From time- to- time, new releases of the Syncplicity client are made available with the latest functionality, bug fixes, and performance improvements. This determines whether all installed clients within the company will prompt users to upgrade for any update, required updates, or no updates. Mobile Device Management Syncplicity for Good ios and Android is a MDM- enabled mobile app that provides easy, secure sharing of corporate data while remaining compliant with IT policies in organizations utilizing Good Dynamics. Protect corporate information in transit and at rest with a FIPS- compliant container using AES 256- bit encryption Apply granular application data controls without reducing mobile worker productivity Support strong password policies for mobile app access without requiring strong password policies to access the device Enforce OS and mobile app version requirements Detect jail- broken devices upon application launch Prevent data leakage from mobile apps Enable remote revocation of app access and remote data wipe Separate mobile app data from personal data, respecting user privacy 14

15 Folder- Level Security and Controls Folder Sharing External folder sharing policy. Set a policy that determines if users can share folders with users that are not in the corporate Syncplicity account Shared folder permissions. Set permissions on folders that are shared to other users. o Owner permission. Users who initially create a folder automatically receive owner permission. Owners can share folders with other users (except for sharing with external users if external sharing is disabled) and set sharing permission level. Owners can never permanently lose data if other users delete a file or folder. o Editor permission. Collaborators have read/write access to all files in a shared folder. If a user with editor permission deletes a file in a folder, that deletion is propagated to all users. o Reader permission. Readers can read a file in a shared folder. If a user with reader permission deletes a file in a shared folder that deletion is not propagated to other users. This is a critical feature that enables organizations to push content to large groups of mobile users without losing data. Folder permission propagation. Users can only share a folder with another user using the highest permission level that they have been granted. Users with reader permission can only share a folder to another user and give them reader permission. This is a critical feature that enables organizations to push content to large groups of mobile users without losing control of the shared files. Folder share naming convention. Determines whether a share name always has the name of the owner of the shared folder appended to the folder name. This is useful for avoiding confusion in situations such as where multiple users may share different folders but name each the same such as project folder. Folder Data (File) Protection Folder retention (remote wipe) policy Determines whether files and folders are automatically deleted from a user s devices and cloud applications when he or she loses access to a folder. When access to a folder is lost, a folder retention policy determines whether the user will continue to have access to files and folders already downloaded or synced to their devices and cloud applications. Any new folder retention policy will automatically take effect for all unshared operations performed after the change is set. Under the retention section, there are two policies: o When a user is removed from a shared Syncplicity folder, leave a copy of the folder on the user s computers and devices. If this policy is selected, after a user s access to a shared folder is removed, that folder and any downloaded or synchronized files will no longer synchronize but will continue to exist on their devices and cloud apps. The user will no longer have access to the folder through the online file browser or on their mobile devices. 15

16 o When a user is removed from a shared Syncplicity folder, permanently delete the folder on all the user s computers and devices. If this policy is selected, after a user s access to a shared folder is removed, that folder and any downloaded or synchronized files will no longer synchronize and any files and sub- folders within that folder will be permanently deleted from their devices and cloud apps. The user will no longer have access to the folder through the online file browser or on their mobile devices. If a device is offline when access is removed, the folder will be wiped the next time the device connects to the Internet. Storage Sets. Gives IT control over which StorageVault Syncplicity uses to store files in a folder. File- Level Security and Controls Encryption File encryption in transit. Encryption of all data in transit, including files, is done through FIPS compliant TLS/SSL protocols via HTTPS. Our native clients use AES- 256 symmetric encryption and RSA for session key generation. Encryption at rest (cloud storage). Files are protected at rest in our data store using 256- bit AES encryption. The encryption keys are stored in a separate dedicated, access- controlled database in the orchestration layer. The encryption keys are stored separately from all user- specific and file attribute information in the orchestration Layer. The encryption keys are not persisted anywhere in the storage layer. Encryption at rest (on- premise storage). As with cloud storage, files are protected at rest using 256- bit AES encryption. Likewise, the encryption keys are stored in a separate data store from all user- specific and file attribute information in the orchestration layer. The encryption keys are not persisted anywhere in the storage layer. With on- premise storage, customers can opt to disable Syncplicity encryption because the data is housed in a private on- site datacenter protected by the enterprise s security controls. Storage Control Certified cloud data centers. Syncplicity cloud storage utilizes SSAE- 16 SOC1 Type II and SOC2 audited data centers and features % data resiliency. On- premise storage via Syncplicity StorageVaults. Choose to store files on premise with EMC Isilon Scale- Out NAS, EMC Atmos Object Storage, or EMC VNX/VNXe (Enterprise Edition only). Leverage your enterprise security controls inside your data center and ensure compliance with data residency and sovereignty requirements. o Your files never reside within our data centers. Files are stored only on your servers and client devices. 16

17 o Configure storage and compute nodes in DMZ for easier external access (Figure 2) or behind firewall to require VPN Access to Syncplicity (Figure 3). o StorageVault Authentication adds an additional layer of security to the on- premise StorageVault so Syncplicity personnel cannot view file contents. No cloud file caching when using on- premise storage. Unlike the competition that uses their cloud layer as a file cache even when using on- premise storage, Syncplicity does not cache files in the cloud. When files move from an on- premise data store, the files move directly to client devices and mobile apps and do not pass through our cloud. Ranked Storage Sets. Gives granular control over which StorageVault Syncplicity uses to store files for users based on group membership or assignment at the folder- level. File Contents Protection Folder remote wipe policy. Set a policy for what happens to files when folder access is removed from the user. Files can be left on devices or permanently remote- wiped from those devices automatically. Shared link policies. Syncplicity gives users and admins several security controls for sending shared links. o Restrict recipient access. You may restrict access to a shared file to only the recipient(s) you specify. This way, if someone forwards a link to an unauthorized recipient, that recipient cannot download the file. Of course, you can still create public shared links if your organizational policy allows it. o Require a password to access documents. Require recipients to enter a password to access a shared link. o Download tracking. Users can view who has downloaded the shared files, how many times they have been downloaded, and when they were last downloaded. o No file size restrictions. No matter whether you use cloud storage or on- premise storage, there are no file size limitations. Shared links give IT the control they need to secure company files. o Set link expirations. Set a company- wide policy to automatically expire links after a specified timeframe o Require restricted access. Set a policy to require users to restrict access to authorized recipients and not allow public shared links o Require passwords. Ensure that users cannot create a shared link without requiring a password o Set password policies. Set a company- wide policy for password strength o Monitor usage. Audit and track file download activity via Syncplicity s file, folder, and user reports 17

18 Secure Shared Files (Rights Management) Assign rights management policies such as access controls, watermarks, and print controls that apply to a file no matter where it is moved after downloading from a Secure Shared Link. Mobile Open In Restriction Policy. Protect files from being opened in third- party applications, where they could be stored in a device/application cache (outside the Syncplicity secure container) or uploaded to another cloud storage provider outside of IT control. Data retention policies. Configure how long file versions and deleted files are retained in user accounts based on number of versions, file age, or custom logic. Default is 30 days. Active file retention policies. Set timeframe for deleting unmodified active files based on your compliance and enterprise risk management mandates. Deleted files are subject to data retention policies or can be expunged immediately. Administrators can run reports to see files pending deletion in the next 60 days. Customer administrators should use this policy with caution. Enable/disable news feed via RSS. RSS is a popular way to subscribe to frequently changing content on the web and have such content automatically delivered to you in a variety of convenient ways. When you enable this feature on My Syncplicity, your users will be able to obtain a secure link to their Syncplicity News Feed and enter that link into applications like Microsoft Outlook. Once there, Outlook and Reader will periodically download the Syncplicity News Feed and present it to the user in a familiar, easy- to- use interface. Without RSS, users would instead have to log into My Syncplicity manually to find out what s been happening inside their Syncplicity folders. Administration File type exclusions. Configure Syncplicity to not synchronize certain file types for storage and security reasons Branching policy - When two (or more) Syncplicity users edit the same file at the same time, Syncplicity immediately detects the conflict and stores both versions safely online. By default, Syncplicity will also create a new file for each conflicting version to help users properly resolve the conflict, either by merging the two versions together or picking one as the final authoritative version. If you disable this feature, Syncplicity will instead use the version uploaded most recently as the final authoritative version. 18

19 Reporting and Monitoring Storage usage dashboard. Get a snapshot of storage use (active, history, and deleted files) so you can monitor overall usage Storage by file type. Determine what types of files consume your storage resources o See which files are consuming the most storage across three categories: active files, previous file versions, and deleted files o Filter reports using a specified comma separated list of file type extensions o Display reports for the entire organization or a single user o Detect acceptable use violations that may subject the organization to legal or compliance risk User storage by file type. With this report admins can identify file usage patterns by individual user. o Shows which users are consuming the most storage by file type o Displays total storage consumed and consumption by active files, previous versions, and deleted files o Supports adherence to acceptable use policies o Enables more efficient use of network bandwidth and storage resources Storage utilization reports. View storage or bandwidth by all users, active users, disabled users, or individuals to better understand consumption patterns and distribute IT costs. o Identify power users and share their tips and tricks with other groups to increase adoption o Distinguish between active/inactive files and active/disabled users to adjust policies o Inform planning, policy. and purchase decisions by spotting usage trends o Download user details to charge back costs to departments 19

20 User access reports. Audit a user, a folder, or a file and see who had access from what device and what was done o Help users retrace their actions and find or restore a folder or file o Meet compliance requirements for tracking changes and access to a file or folder o Protect critical company files with a view into actions taken on special documents Administrator Action Report. For a specified date range each administrator action is listed with details on who performed the action, from which device and IP address, the date and time the action was performed, and what was changed. Report access. Gain easy access to reports data o Export any of the reports into a CSV file that is automatically saved to your administrator Syncplicity Reports folder o Automatically generate reports into Syncplicity reporting folders for access by admins o Reporting folders: With Syncplicity s reporting folders policy, admins can keep reports organized while controlling access to report information. Automatically place each report type in its own folder Establish sharing permissions for folders to protect sensitive information Enable report folders to be synced to any device Quickly review, change, or expire policies through the admin console 20

21 Third- Party Security Testing We conduct third party application security assessments of our applications as part of our SDLC. The assessment methodology includes whitebox and blackbox testing. Assessments address the following areas of concern: All applicable issues covered by OWASP Top 10, SANS Top 20, and other standards General application architecture issues SQL injection Cross- site scripting (XSS) Session management vulnerabilities Access control Server path manipulation and traversal (files, directories, etc.) Use of encryption Application related denial of service Sensitive information exposure Platform (public vulnerabilities) and configuration vulnerabilities 21

22 Privacy Certifications and Compliance Syncplicity cloud storage and orchestration layers utilize SSAE- 16 SOC1 Type II, SOC2, and SOC3 audited data centers. Syncplicity cloud storage and orchestration layers utilize ISO audited data centers. HIPAA Syncplicity has the necessary controls and safeguards to securely handle protected health care information (PHI) on behalf of our customers. The Federal Information Processing Standard (FIPS) Publication is a U.S. government security standard that specifies the security requirements for cryptographic modules protecting sensitive information. To support customers with FIPS requirements, Syncplicity VPN endpoints operate using FIPS validated hardware. The U.S. Department of Commerce, in concert with the European Commission, developed a Safe Harbor Framework that allows U.S. organizations to comply with the Directive by abiding by a set of Safe Harbor Privacy Principles. Companies certify their compliance with these principles on the U. S. Department of Commerce website. The framework was approved by the EU in 2000 and gives companies that abide by the principles assurance that the EU will consider their practices adequate privacy protections for EU citizens. The Swiss Federal Act on Data Protection (FADP) went into effect in July 1993, followed by important modifications in January The FADP would prohibit the transfer of personal data to countries that do not meet Switzerland s adequacy standard for privacy protection. While the United States and Switzerland share the goal of enhancing privacy protection for their citizens, the United States takes a different approach to privacy from that taken by Switzerland. 22

23 Additional Information For further information on EMC Syncplicity security controls, please request a copy of our Standardized Information Gathering (SIG) questionnaire report. 23