Addressing Information Protection, Privacy & Sovereignty Concerns in Cloud Applications

Size: px

Start display at page:

Download "Addressing Information Protection, Privacy & Sovereignty Concerns in Cloud Applications"

Anissa Long
8 years ago
Views:

Varun Badhwar Co-Founder; VP of Products &

2 Agenda Introduction Rapid Cloud Adoption Globally Cloud Information Protection Challenges Australian Cloud Adoption State of Affairs 5 Must-Haves for Protecting Information in the Cloud CipherCloud Overview & Use Cases CipherCloud All rights reserved.

State of Affairs 5 Must-Haves for Protecting Information in the

Rapid Cloud Adoption Benefits of the Cloud are compelling Rapid transformation of business processes Connects businesses to new dynamic communities Dramatically lower upfront investment Frees IT to

3 Rapid Cloud Adoption Benefits of the Cloud are compelling Rapid transformation of business processes Connects businesses to new dynamic communities Dramatically lower upfront investment Frees IT to focus on value-added functions The debate has shifted from if to how Cloud services are inevitably entering and changing business environments Business units are deploying applications often without IT support IT must play an enablement role in order to stay relevant and in control 85% of IT professionals believe cloud computing will transform their business - Knowledge@Wharton CipherCloud All rights reserved.

entering and changing business environments Business units are deploying applications often without IT support IT must play an enablement role in order to

Data is Flowing Everywhere Email CRM Custom Apps Collaboration Your data resides in many locations You don t control security or disclosure Cloud and mobile apps

4 Data is Flowing Everywhere CRM Custom Apps Collaboration Your data resides in many locations You don t control security or disclosure Cloud and mobile apps proliferate Your enterprise boundary becomes porous Sensitive information used to stay in your domain protected by your IT staff CipherCloud All rights reserved.

proliferate Your enterprise boundary becomes porous Sensitive information used to

Cloud Information Protection Challenges We ve Been Hacked Epsilon Data Breach Highlights Cloud-Computing Security Concerns Enterprise cloud adoption

to protect? Who has access to your information? Where does your data reside?

5 Cloud Information Protection Challenges We ve Been Hacked Epsilon Data Breach Highlights Cloud-Computing Security Concerns Enterprise cloud adoption in 2013 prompts data security questions Data residency MAS HIPAA NPP APRA Data disclosure ITAR GLBA Data leaks What type of information do you need to protect? Who has access to your information? Where does your data reside? Google: Hundreds of Gmail accounts hacked, including some senior US government officials #1 Cloud concern: unauthorized access to or leaks of sensitive information - InformationWeek CipherCloud All rights reserved.

Where Cloud Data Resides and What Laws Apply United Kingdom USA Federal GLBA, HIPAA, COPPA, Do Not Call, Safe Harbor, US Patriot Act Canada PIPEDA, FOIPPA, PIPA ICO Privacy and Electronic

6 Where Cloud Data Resides and What Laws Apply United Kingdom USA Federal GLBA, HIPAA, COPPA, Do Not Call, Safe Harbor, US Patriot Act Canada PIPEDA, FOIPPA, PIPA ICO Privacy and Electronic Communications Regulations European Union EU Data Protection Directive, State Data Protection Laws South Korea Network Utilization and Data Protection Act Japan Personal Information Protection Act Chile Law for the Protection of Private Life US States Breach notification in 46 states Argentina Personal Data Protection Law, Information Confidentiality Law South Africa Electronic Communications and Transactions Act Hong Kong Personal Data Privacy Ordinance India Pending Laws under discussion Australia National Privacy Principals, State Privacy Bills, Spam and Privacy Bills Taiwan Computer-Processed Personal Data Protection Philippines Propose Data Privacy Law Privacy Act New Zealand CipherCloud All rights reserved.

Chile Law for the Protection of Private Life US States Breach notification in 46 states Argentina Personal Data Protection Law, Information Confidentiality Law South Africa Electronic Communications

7 Impact of Privacy Amendment Act on Cloud Computing Responsibility for Information Protection If offshore cloud compromises your data we'll sue you, not them Victorian Privacy Commissioner; May, 2012 APP 8: Cross-Border Disclosure of Personal Information Overseas recipients of information must comply with APPs Law enforcement can access confidential data, in some cases with gag orders on cloud providers (e.g, US Patriot Act) APP 11: Security of Personal Information Reasonable steps must be taken to protect personal information If overseas providers not under APP s purview breach data, the Australian entity is financially and criminally liable Expanding Powers of Regulators Like APRA & Privacy Commissioner Ability to demonstrate prudent practices for information protection is key to avoiding investigation and penalties CipherCloud All rights reserved.

deployed without IT 8 2013 CipherCloud All rights reserved.

8 How Should Organisations Manage Cloud Adoption? Use security to enable not block Adoption is inevitable just saying no no longer works Reduce shadow IT by offering secure solutions that offer real cloud benefits Collaboration tools are often deployed without IT CipherCloud All rights reserved. CRM Realize that the legacy perimeter model is obsolete Increasing amounts of sensitive data will be outside your corporate firewall Implement your own information protection controls All legitimate providers claim secure datacenters Webmail This does not protect your data from theft, accidental disclosure, or complying with law enforcement HR Apps You are responsible for compliance you must hold the keys to secure your data Third-party encryption does not assure that you re data is not protected Networking Mobility Collaboration File Sharing Virtualization Custom Apps Private Cloud Financial Services

10 Introducing Cloud Access Security Brokers (CASB) By 2016, 25% of enterprises will secure access to cloud-based services using a CASB platform, up from less than 1% in 2012, reducing the cost of securing access by 30% - GARTNER CipherCloud All rights reserved.

CASB platform, up from less than 1% in 2012, reducing the cost of

Sensitive Industries 11 Countries 6 Languages 175 Employees

11 About CipherCloud Company 1.2+ Million Live Users 100 Million Records Protected 10 Encrypt Sensitive Industries 11 Countries 6 Languages 175 Employees Awards Solutions CRM Collaboration Custom Applications CipherCloud All rights reserved.

12 The CipherCloud Gateway Encryption Preserves Data Formats & Operations Keys Retained by Our Customers No Impact on Usability Unified Policies Across Clouds Mobile Users Remote Users Enterprise Users CipherCloud All rights reserved.

Usability Unified Policies Across Clouds Mobile Users

Cloud Information Protection in Detail Encrypted data is indecipherable Transparent to user Preserves Usability and Functionality Real-time encryption Near-zero latency

13 Cloud Information Protection in Detail Encrypted data is indecipherable Transparent to user Preserves Usability and Functionality Real-time encryption Near-zero latency Malware detection Data loss prevention Complete visibility for all user cloud activity Encryption keys never leave the enterprise CipherCloud All rights reserved.

Malware detection Data loss prevention Complete visibility for all user cloud

An Open & Extensible Platform for All Clouds CRM Gateways Collaboration Gateways Email Gateways Storage, File Sharing Gateways Database Gateways Connect AnyApp Framework Data Protection Expanded

14 An Open & Extensible Platform for All Clouds CRM Gateways Collaboration Gateways Gateways Storage, File Sharing Gateways Database Gateways Connect AnyApp Framework Data Protection Expanded Security Strong Encryption Tokenization Key Management Malware Detection Audit Logging DLP CipherCloud Platform Data Security Policy, Real-time, Stateless, Near-zero Latency CipherCloud All rights reserved.

Security Strong Encryption Tokenization Key Management Malware Detection Audit Logging DLP CipherCloud

CASBs Deliver 1 2 Protect Information Before It s Stored in the Cloud Retain Key Management and Control Protect All Your Cloud Information 3 Meet Compliance and

15 CASBs Deliver 1 2 Protect Information Before It s Stored in the Cloud Retain Key Management and Control Protect All Your Cloud Information 3 Meet Compliance and Residency Needs 4 Eliminate Data Privacy and Security Risks From Any Device 5 Preserve Application Usability and Functionality CipherCloud All rights reserved.

Residency Needs 4 Eliminate Data Privacy and Security Risks From Any Device 5

16 Enabling Enterprise Social Collaboration Across A Top 4 Aus Bank Customer Success Files The Challenge: Adopt a cloud based social collaboration & document management platform across the enterprise Meet bank s internal security guidelines around storing sensitive data unencrypted outside the bank s network The Solution: Implement CipherCloud for Chatter to tokenize (local storage) any unstructured data (files & attachments) without compromising application functionality The Result: 32,000 Users Expanding the CipherCloud Platform to protect custom Capital Markets cloud applications CipherCloud All rights reserved.

Solution: Implement CipherCloud for Chatter to tokenize (local storage) any unstructured data (files & attachments) without compromising application

17 One of Australia s Largest Insurance Provider Securely Adopts Salesforce Customer Success Files The Challenge: Offer an innovative telephone and web-based health care service in Australia and New Zealand Govt contract restricted storage of data offshore The Solution: Implement CipherCloud for Salesforce to tokenize select fields containing PII information while retaining key search and sort operations The Result: Geographically distributed deployment across Australia & NZ. Deployed and live within 4 weeks Obtained approval to manage data for the Australian Ministry of Defense CipherCloud All rights reserved.

tokenize select fields containing PII information while retaining key search and sort operations The Result: Geographically distributed deployment across

18 Enabling Large NZ Bank to Migrate Retail Banking Apps to the Public Cloud Customer Success Files The Challenge: Migrate external banking applications to public cloud services Enable collaboration Comply with APRA & NZ Privacy Act mandates Restrict offshore access to customer data The Solution: Encrypt selective PII fields in Salesforce, thereby anonymizing data stored in the offshore cloud Retain core Salesforce functionality across Sales Cloud, Chatter & mobile devices The Result: 2,400 Users Considering Expansion with Other Clouds in CipherCloud All rights reserved.

The Solution: Encrypt selective PII fields in Salesforce, thereby anonymizing data stored in the offshore cloud Retain core Salesforce

19 In Summary Enable cloud initiatives with effective cloud information protection Organizations that embrace the cloud will be more innovative and competitive But security concerns must be addressed to avoid legal, and business disasters Balance conflicting regulatory requirements Data export restrictions, host nation access laws, and internet best practices can collide if data is exported Encryption can solve cloud data residency issues if No privileged users at the provider have access to your encryption keys Keys are stored locally, properly managed, rotated, revoked, and destroyed Look for open platforms that can protect any type of cloud application Out-of-the-box integration with leading business applications including SaleForce, Chatter, Force, Gmail, Office 365, Amazon Web Services Simple integration with any custom web application Support for existing enterprise infrastructure reduces costs and streamlines deployment CipherCloud All rights reserved.

Encryption can solve cloud data residency issues if No privileged users at the provider have access to your encryption keys Keys are stored locally, properly managed, rotated, revoked, and destroyed

For Additional Information Website: www.ciphercloud.com Twitter: @ciphercloud LinkedIn: www.linkedin.

com/company/ciphercloud Varun Badhwar VP, Products & Solution

Viva la Cloud IAPP Privacy Academy 2013

Viva la Cloud IAPP Privacy Academy 2013 Speaker Intros Chris Zoladz Founder Varun Badhwar VP of Product Strategy -2- Basic Premises for this Session Use of the cloud will continue to explode Security and