CBIO Security White Paper
|
|
- Bathsheba Ford
- 8 years ago
- Views:
Transcription
1 One Canon Plaza Lake Success, NY CBIO Security White Paper Introduction to Canon Business Imaging Online Canon Business Imaging Online ( CBIO ) is a cloud platform for Canon s business applications. CBIO provides customers access to Canon s latest technology on the cloud including services that are integrated with MFDs (multi-function devices) and printers, including Canon imagerunner Advance devices. Canon considers the security and privacy of customers to be of the utmost importance; therefore, CBIO is hosted at a secure data center with the latest, industry standard security measures. CBIO provides many benefits to customers: Affordable: Without having large up-front costs, customers can use cloud based services with a subscription model. Stable: Applications are installed on a powerful, secure, and redundant hardware infrastructure. Quick Deployment: Since the applications are cloud based, customers can start using the services right away. Compatible: Since the applications are web based, services can be accessed from anywhere. In addition, upgrades are handled in the cloud, so customers don t have to worry about version control. Forms and Print Services for Salesforce is available in US market through Canon Information and Imaging Solutions, Inc. ( CIIS ). Canon anticipates adding more services to the CBIO platform in the near future. 1
2 Introduction to Forms and Print Services for Salesforce Forms and Print Services for Salesforce is used to create forms that include data from end user s salesforce.com, Inc. account and print them to MFDs and printers, including Canon imagerunner Advance devices. Basic functions include: Create highly visual and attention grabbing forms and reports (in PDF format) with salesforce.com data and preview them on any PC, laptop, or mobile device. Print created forms to Canon imagerunner Advance devices directly, without printer drivers.* Authenticate, retrieve** and print created forms from Canon imagerunner Advance devices. Attach PDF forms to the source/account page on salesforce.com Forms and Print Services for Salesforce may not be appropriate for the management, collection or storage of certain highly confidential or sensitive data. Use of the service for the management, collection or storage of protected information is solely at customer s determination. * If you are not printing to a Canon imagerunner ADVANCE device, you can download and print a PDF from another printer with the use of a print driver. ** The PDF forms are stored on the CBIO for a maximum of forty-eight (48) hours. 2
3 CBIO Infrastructure Architecture CBIO offers enterprise-class security and reliability by leveraging services from a recognized and dependable third-party cloud infrastructure service provider. The data centers that host CBIO are Tier III certified, and offer the highest levels of data protection, reliability of service, and security. Below are some of the key architectural design points for the CBIO Infrastructure. Shared Infrastructure Responsibility Model Infrastructure responsibilities are shared between Canon and the infrastructure service provider. The infrastructure service provider is responsible for all aspects of the physical security of the data centers that host CBIO, as well as the virtualization layers related to shared infrastructure components, such as physical storage for data. Encryption (AES128) is used by the infrastructure service provider to protect data partitions within physical storage areas. Canon is responsible for the virtual servers, operating systems (including security updates) and applications that provide CBIO services. CBIO applications, such as the Authentication Services and Print Services, further enhance data security by encrypting customer data utilizing AES256 using unique keys for each customer. 3
4 Physical and Environmental Security The facilities used to host CBIO are located in Japan, in cutting-edge earthquake resistant data centers. It is anticipated that in the future, data centers will also be located in the U.S. These facilities are protected by the following range of technologies: Strict access controls imposed on sections, server rooms, and other locations. Centralized ID management for employees and visitors, including whereabouts tracking via RFID. Palm and vein authentication is associated with employee and visitor IDs for further control access. Tailgate detection to ensure that access to a secured area is granted to a single person for each valid security card presented. Association of surveillance video with event logs, and long term storage of security video and event logs. Systems Security The following practices and technologies are utilized on CBIO related host systems: Patch management for security updates Use of antivirus software for malware and virus detection Use of host-based firewalls Log management Independent security assessments Business Continuity and Data Management CBIO employs numerous levels of redundancy for major components such as servers, storage, network devices and power supply equipment in order to eliminate single points of failure. Backups of infrastructure components are handled by the service provider. Further, Canon performs backups of CBIO systems, applications and customer data in order to achieve business continuity management. Monitoring and Log Management CBIO systems are configured to store event logs locally, as well as forward events to centralized log management servers. All systems synchronize time via NTP to ensure accurate time stamps of events, and enable event correlation between various security systems. For example, video surveillance logs can be matched with system access entries. Logs are saved for a period of 5 years. 4
5 Privacy CBIO customers own all rights to any content submitted through the CBIO. CIIS collects and processes information related to the customer s Salesforce account and any customer devices or computers strictly to provide Forms and Print Services for Salesforce. Additionally, CIIS collects technical or diagnostic information related to the customer s use of Forms and Print Services for Salesforce to support, improve and enhance Canon s products and services. Incident Management Policies, processes and procedures are established to rapidly and accurately manage information security incidents and escalation procedures to apprise end users of relevant incidents to meet regulatory and legal compliance. Further, Canon constantly monitors security related information for new developments and potential issues in order to maintain the high levels of security. Related Certifications The following certifications have been attained by Canon and/or its service provider for CBIO related infrastructure: ISO9001 ISO14001 ISO20000 ISO27001 Privacy mark (JIS Q15001) Independent Security Assessments Prior to launch, the CBIO Infrastructure and systems underwent extensive internal and external penetration testing by an independent security company. Independent security assessments are also performed on periodic basis to ensure the highest security standards are maintained. 5
6 CBIO Core Services Overview CBIO provides a set of core services which the Forms and Print Service for Salesforce is built upon. This set of services includes Authentication and Authorization Services, Management Services (such as User and Tenant), and Log Services. Users can log into CBIO via a Web browser and Canon imagerunner ADVANCE devices. Authentication and Authorization Services Authentication and Authorization Services are used to enable access to CBIO based on a User ID and strong password and managed user roles. The unified authentication process helps prevent malicious users from accessing CBIO services. Authentication and Authorization Services are used by all CBIO services. Authentication Service can provide SSO with other provider s cloud services to provide seamless connections. With Forms and Print Services for Salesforce, SAML2.0 protocol is used for SSO with salesforce.com. Management and Log Services Management and Log Services are used to manage CBIO ID information (subscriptions) as well as operation information. CBIO manages the following users and usage activities: Tenant information User ID/password information User roles All user activities (user operations) are tracked and managed by Log Services. 6
7 CBIO Security Overview A high-level summary of security features for CBIO is described in the chart below. Item Data center Certification Network protocol Authentication How Secured ISO9001/ISO14001/ISO20000/ISO27001 https(ssl3.0) ID, strong password required to log in Single sign on protocol SAML 2.0 Data center security Data Separation, Access Control, Encryption of print data (AES256). Print content data is deleted after 48 hours Data Center facility security Palm and vein authentication for entrance 24 hour monitoring Whereabouts tracking using RFID tags monitors all employees and visitors Locked racks Single Sign On In order to use the services of CBIO, users must be authenticated. CBIO supports SAML2.0 (Security Assertion Markup Language) and provides Single Sign-On function with salesforce.com via the web browser. There are various scenarios to log-in to CBIO. User connects to CBIO and enters their user ID and password for CBIO. User connects to CBIO and enters their user ID and password for salesforce.com. This user can access their salesforce.com account without entering their user ID and password. User connects to salesforce.com and enters their user ID and password for salesforce.com. This user can access CBIO without entering their user ID and password for CBIO. User logs-in to the Canon imagerunner ADVANCE device with a Smart Card or enters their user ID and password that is registered (by the device owner) in CBIO. By authenticating to this device, a user can connect to CBIO without separately entering their user ID and password for CBIO. 7
8 SAML SAML is an XML standard established by the information standards association OASIS, and is used for exchanging authentication information between different sites safely and in such a way that it enables single sign-on. To perform SAML 2.0-based Single Sign-On with CBIO, a metadata file issued by salesforce.com that contains information about the site and the customer that is needed to enable Single Sign-On with CBIO. Single Sign-On for the Direct Print Scenario The figure and table below depict the basic flow of Single Sign-On from salesforce.com to CBIO cloud services that leverage SAML. salesforce.com CBIO Identity Provider (IdP) Service Provider (SP) Authenticates user by receiving login credentials from the user and issues the SAML assertion. Relies on the assertion issued by the IdP and authenticates the request without requiring an additional sign-in to CBIO. IdP: The provider that authenticates user by receiving sign-on from the user and issues the SAML assertion. In this case, salesforce.com acts as the IdP. SP: The provider that relies on the assertion issued by IdP and authenticates the user trying to access the service. In this case CBIO and Forms and Print Services for Salesforce are the service provider. Single Sign-On for the Authenticated Print Scenario The following is the use case scenario for Authenticated Print using Single Sign-on: A user walks up to a Canon imagerunner Advance device, authenticates using a Smart Card or entering user ID and password, and selects a print job stored in CBIO to print. 8
9 SSO Configuration Some configuration must be done to accomplish single-sign on between salesforce.com and CBIO for the Direct Print use case and between a Canon imagerunner ADVANCE device and CBIO for the Authenticated Print use case. For the Direct Print use case, this is summarized as follows: In salesforce.com Setup a sub-domain of salesforce.com for your organization. Using salesforce.com configuration tools, enable your salesforce.com organization (based on the sub-domain entered in step 1) as an Identity Provider (i.e. IdP). Configure CBIO as a Service Provider within your salesforce.com organization. Download a metadata file and a digital certificate created via salesforce.com based upon input provided in steps 1-3 above. In CBIO Upload the metadata file and digital certificate obtained in step 4 above and wait for Canon to process the information accordingly within CBIO (takes 1-2 days). Setup authentication mapping of user accounts between CBIO and salesforce.com. See screenshot below. Register the printing devices to be used for this use case in CBIO. jdoe@ciis.canon.demo1 For the Authenticated Print Use Case, the Administrator has to perform the following operations within CBIO before users can log into a print device to release CBIO print jobs: Register the printing devices to be used for this use case with CBIO. Associate/map each CBIO user with their device user login ID together. 9
10 Data Transmission Security for CBIO Solutions The communication protocol between a Web browser and CBIO server is via HTTPS (HTTP over SSL/TLS) protocol. Additionally, communication between the Web browser and the print device that is done as part of the Direct Print case and can also be secured via SSL/TLS (optional). The CBIO Server Certificate is signed by VeriSign and installed in CBIO server enabling data encryption through SSL connection. The Canon imagerunner ADVANCE devices have the root VeriSign certificate pre-installed and any modern web browser used by the client PC should as well thus no additional configuration is needed for SSL communications to CBIO. To achieve SSL communication between the CBIO-registered imagerunner ADVANCE device and the client PC-device for the Direct Print case, the CA certificate that corresponds with device certificate is required to be trusted by the client PC. If the device certificate is selfsigned (by the device), the CA certificate is the device certificate. The figure below depicts this situation. 10
11 Customer Data Security Canon considers the security and privacy of customer data to be of utmost importance. In Forms and Print Services for Salesforce, the only customer data stored by CBIO is basic account information. The print data that is sent to a print device only resides within CBIO for a maximum of forty-eight (48) hours (this is relevant to the Authenticated Print case). Nevertheless, the security of that data is important and it is therefore stored within CBIO encrypted, using strong encryption via the AES256 algorithm. All communication with CBIO is done via the SSL/TLS protocol (including the client PC browser as well as CBIO-enabled printing devices). A CBIO customer or tenant is a corporation or group within corporations that use CBIO. Only users that belong to a contracted group and have created a CBIO account in that group can use CBIO. Canon Business Imaging Online implements an intermediary virtual partition layer between a tenant and user data that makes it appear to the tenant as though its data is the only data in the user data storage. Tenant settings use access control lists to determine who can access data and what they can do with it. User print data is encrypted with a unique encryption key for each tenant/customer and utilizes the AES256 encryption algorithm. 11
12 Summary Canon s cloud platform for its business applications, Canon Business Imaging Online (CBIO), provides its customers access to Canon s latest technologies and services on the cloud. Canon is committed to the security and privacy of its customers and therefore, CBIO is hosted at a secure data center with the latest, industry standard security measures and precautions in place. At the platform level, key architectural design points are built-in to the CBIO infrastructure. At the service level, CBIO provides a set of core services including Authentication and Authorization Services, Management Services, and Log Services. All of which help prevent unauthorized users from accessing CBIO services. As cloud computing continues to grow and Canon s cloud offerings increase, customers should feel confident that their information will remain secure and private. Canon will ensure that the flexibility, speed, and reliability they are used to, remains intact while the services offered through CBIO continue to expand. 12
13 About Canon / CIIS Canon U.S.A., Inc. launched Canon Information and Imaging Solutions, Inc. as a wholly owned subsidiary to harness the power of two of Canon s greatest intangible assets: in depth knowledge of information flow and the best in imaging technology. As a market leader in integrating office equipment and software into organizations network environments, Canon U.S.A., Inc., has gained tremendous insight into the way companies handle information - - whether it is on paper or in back-end systems. Ever since Canon U.S.A. introduced its award winning line of multifunction devices and began connecting them into company networks, Canon Solution Consultants have been optimizing vital business processes, enabling companies to save money in the process. Canon U.S.A., Inc. has a history of introducing market leading products and new technologies that foster new industries. Throughout this experience, Canon U.S.A., Inc. has developed an expertise in understanding how information flows within an organization. Canon Information and Imaging Solutions, Inc. is initially comprised of Canon USA s Professional Services personnel who were transferred to the new company. The team includes solution consultants, process analysts and project management experts with experience across many industries. These individuals possess multiple certifications including Project Management Professional (PMP) and Microsoft Windows Administrator as well as a variety of industry specific certifications. The in house engineering talent is top notch, with development experience in a variety of imaging and enterprise technologies. Salesforce is a trademark of salesforce.com, inc. CANON and imagerunner are registered trademarks of Canon Inc. in the United States and may also be a registered trademark or trademark in other countries. //LOOKFORWARD and the LOOKFORWARD design marks are trademarks of Canon Information and Imaging Solutions, Inc. All other referenced product names and marks are trademarks of their respective owners and are hereby acknowledged. Specifications are subject to change without notice Canon Information and Imaging Solutions, Inc. All rights reserved. 13
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationThe increasing popularity of mobile devices is rapidly changing how and where we
Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationEnsuring Enterprise Data Security with Secure Mobile File Sharing.
A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite
More informationFlexible Identity Federation
Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services
More informationWhite Paper. BD Assurity Linc Software Security. Overview
Contents 1 Overview 2 System Architecture 3 Network Settings 4 Security Configurations 5 Data Privacy and Security Measures 6 Security Recommendations Overview This white paper provides information about
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationPerceptive Experience Single Sign-On Solutions
Perceptive Experience Single Sign-On Solutions Technical Guide Version: 2.x Written by: Product Knowledge, R&D Date: January 2016 2016 Lexmark International Technology, S.A. All rights reserved. Lexmark
More informationCA Performance Center
CA Performance Center Single Sign-On User Guide 2.4 This Documentation, which includes embedded help systems and electronically distributed materials, (hereinafter referred to as the Documentation ) is
More informationThe Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency
logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011
More informationAgenda. How to configure
dlaw@esri.com Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context of ArcGIS Server/Portal for ArcGIS Access Authentication Authorization: securing web services
More informationIBM Cognos TM1 on Cloud Solution scalability with rapid time to value
IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.
More informationHow To Secure Your Data Center From Hackers
Xerox DocuShare Private Cloud Service Security White Paper Table of Contents Overview 3 Adherence to Proven Security Practices 3 Highly Secure Data Centers 4 Three-Tier Architecture 4 Security Layers Safeguard
More informationSAML Authentication Quick Start Guide
SAML Authentication Quick Start Guide Powerful Authentication Management for Service Providers and Enterprises Authentication Service Delivery Made EASY Copyright 2013 SafeNet, Inc. All rights reserved.
More informationEmpLive Technical Overview
Version 1.6 Updated 27/08/2015 Support: +61 2 8399 1688 Email: support@wfsaustralia.com Website: wfsaustralia.com Legal Notice Copyright WFS: A WorkForce Software Company. All Rights Reserved. By receiving
More informationCA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam
CA Single Sign-On r12.x (CA SiteMinder) Implementation Proven Professional Exam (CAT-140) Version 1.4 - PROPRIETARY AND CONFIDENTIAL INFORMATION - These educational materials (hereinafter referred to as
More informationTableau Online Security in the Cloud
Tableau Online Security in the Cloud Author: Ellie Fields Senior Director, Product Marketing, Tableau Software June 2013 p2 Tableau Software understands that data is among the most strategic and important
More informationGTS Software Pty Ltd. Remote Desktop Services
GTS Software Pty Ltd Remote Desktop Services Secure web access to GTS Software applications CONTENTS Overview... 2 What GTS can provide with Remote Desktop Services... 2 Main Features... 3 RD Web Access...
More informationHOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services
1 HOTPin Integration Guide: Salesforce SSO with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided
More informationTenrox. Single Sign-On (SSO) Setup Guide. January, 2012. 2012 Tenrox. All rights reserved.
Tenrox Single Sign-On (SSO) Setup Guide January, 2012 2012 Tenrox. All rights reserved. About this Guide This guide provides a high-level technical overview of the Tenrox Single Sign-On (SSO) architecture,
More informationGoogle Identity Services for work
INTRODUCING Google Identity Services for work One account. All of Google Enter your email Next Online safety made easy We all care about keeping our data safe and private. Google Identity brings a new
More informationMobile Security. Policies, Standards, Frameworks, Guidelines
Mobile Security Policies, Standards, Frameworks, Guidelines Guidelines for Managing and Securing Mobile Devices in the Enterprise (SP 800-124 Rev. 1) http://csrc.nist.gov/publications/drafts/800-124r1/draft_sp800-124-rev1.pdf
More informationInfor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
More informationXerox Mobile Print Cloud
September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United
More informationDualShield SAML & SSO. Integration Guide. Copyright 2011 Deepnet Security Limited. Copyright 2011, Deepnet Security. All Rights Reserved.
DualShield Integration Guide Copyright 2011 Deepnet Security Limited Copyright 2011, Deepnet Security. All Rights Reserved. Page 1 Trademarks Deepnet Unified Authentication, MobileID, QuickID, PocketID,
More informationIMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS
APPLICATION NOTE IMPLEMENTING SINGLE SIGN- ON USING SAML 2.0 ON JUNIPER NETWORKS MAG SERIES JUNOS PULSE GATEWAYS SAML 2.0 combines encryption and digital signature verification across resources for a more
More informationSecurity FAQs (Frequently Asked Questions) for Xerox Remote Print Services
Security FAQs (Frequently Asked Questions) for Xerox Remote Print Services February 30, 2012 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation
More informationHow To Use Salesforce Identity Features
Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of
More informationUNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1
UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 As organizations unlock the true potential of meeting over the web as an alternative to costly and timeconsuming travel,
More informationIntroduction to SAML
Introduction to THE LEADER IN API AND CLOUD GATEWAY TECHNOLOGY Introduction to Introduction In today s world of rapidly expanding and growing software development; organizations, enterprises and governments
More informationCompulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows
Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows Compulink Business Systems, Inc. 2645 Townsgate Road, Suite 200 Westlake Village, CA 91361 2013 Compulink
More informationIntegrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER
Integrating VMware Horizon Workspace and VMware Horizon View TECHNICAL WHITE PAPER Table of Contents Introduction.... 3 Requirements.... 3 Horizon Workspace Components.... 3 SAML 2.0 Standard.... 3 Authentication
More informationTable of Contents. Page 1 of 6 (Last updated 30 July 2015)
Table of Contents What is Connect?... 2 Physical Access Controls... 2 User Access Controls... 3 Systems Architecture... 4 Application Development... 5 Business Continuity Management... 5 Other Operational
More informationAutodesk PLM 360 Security Whitepaper
Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure
More informationConfiguring Single Sign-on from the VMware Identity Manager Service to WebEx
Configuring Single Sign-on from the VMware Identity Manager Service to WebEx VMware Identity Manager SEPTEMBER 2015 V 2 Configuring Single Sign-On from VMware Identity Manager to WebEx Table of Contents
More informationCloud Portal for imagerunner ADVANCE
Cloud Portal for imagerunner ADVANCE User's Guide Please read this guide before operating this product. After you finish reading this guide, store it in a safe place for future reference. ENG How This
More informationImplementation Guide SAP NetWeaver Identity Management Identity Provider
Implementation Guide SAP NetWeaver Identity Management Identity Provider Target Audience Technology Consultants System Administrators PUBLIC Document version: 1.10 2011-07-18 Document History CAUTION Before
More informationLeveraging SAML for Federated Single Sign-on:
Leveraging SAML for Federated Single Sign-on: Seamless Integration with Web-based Applications whether cloudbased, private, on-premise, or behind a firewall Single Sign-on Layer v.3.2-006 PistolStar, Inc.
More informationBlue Jeans Network Security Features
Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users
More informationXerox SMart esolutions. Security White Paper
Xerox SMart esolutions Security White Paper 1 Xerox SMart esolutions White Paper Network and data security is one of the many challenges that businesses face on a daily basis. Recognizing this, Xerox Corporation
More informationClickTale Security Standards and Practices: Delivering Peace of Mind in Digital Optimization
Delivering Peace of Mind in Digital Optimization TABLE OF CONTENTS INTRODUCTION 2 PRIVACY AND ANONYMITY 3 ISO 27001 COMPLIANCE 5 APPLICATION-LEVEL SECURITY 6 PENETRATION TESTING AND SECURITY AUDITS 7 GENERAL
More informationOpen Data Center Alliance Usage: Provider Assurance Rev. 1.1
sm Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 Legal Notice This Open Data Center Alliance SM Usage:Provider Assurance is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS
More informationSplunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF
Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Businesses around the world have adopted the information security standard ISO 27002 as part of their overall risk
More informationTOP SECRETS OF CLOUD SECURITY
TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationINTEGRATION GUIDE. DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server
INTEGRATION GUIDE DIGIPASS Authentication for Salesforce using IDENTIKEY Federation Server Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationWHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW
NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW INTRODUCTION As businesses adopt new technologies that touch or leverage critical company data, maintaining the highest level of security is their
More informationDropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description
Dropbox for Business Secure file sharing, collaboration and cloud storage G-Cloud Service Description Table of contents Introduction to Dropbox for Business 3 Security 7 Infrastructure 7 Getting Started
More informationNew Single Sign-on Options for IBM Lotus Notes & Domino. 2012 IBM Corporation
New Single Sign-on Options for IBM Lotus Notes & Domino 2012 IBM Corporation IBM s statements regarding its plans, directions, and intent are subject to change or withdrawal without notice at IBM s sole
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationShareFile Security Overview
ShareFile Security Overview ShareFile Company Policy All ShareFile employees undergo full background checks and sign our information security policy prior to beginning employment with the company. The
More informationFor details about using automatic user provisioning with Salesforce, see Configuring user provisioning for Salesforce.
Chapter 41 Configuring Salesforce The following is an overview of how to configure the Salesforce.com application for singlesign on: 1 Prepare Salesforce for single sign-on: This involves the following:
More informationRSS Cloud Solution COMMON QUESTIONS
RSS Cloud Solution COMMON QUESTIONS 1 Services... 3 Connectivity... 5 Support... 6 Implementation... 7 Security... 8 Applications... 9 Backups... 9 Email... 10 Contact... 11 2 Services What is included
More informationSAML 2.0 SSO Deployment with Okta
SAML 2.0 SSO Deployment with Okta Simplify Network Authentication by Using Thunder ADC as an Authentication Proxy DEPLOYMENT GUIDE Table of Contents Overview...3 The A10 Networks SAML 2.0 SSO Deployment
More informationData Protection: From PKI to Virtualization & Cloud
Data Protection: From PKI to Virtualization & Cloud Raymond Yeung CISSP, CISA Senior Regional Director, HK/TW, ASEAN & A/NZ SafeNet Inc. Agenda What is PKI? And Value? Traditional PKI Usage Cloud Security
More informationSoftware Version 1.0 ConnectKey TM Share to Cloud April 2013. Xerox ConnectKey Share to Cloud User / Administrator s Guide
Software Version 1.0 ConnectKey TM Share to Cloud April 2013 Xerox ConnectKey Share to Cloud User / Administrator s Guide 2013 Xerox Corporation. All rights reserved. Xerox, Xerox and Design, and Xerox
More informationUseful Tips for Reducing the Risk of Unauthorized Access for Network Cameras Important
Useful Tips for Reducing the Risk of Unauthorized Access for Network Cameras Important System administrators are advised to read. Overview and Use of this Guide Objectives This guide provides additional
More informationConfiguring Salesforce
Chapter 94 Configuring Salesforce The following is an overview of how to configure the Salesforce.com application for singlesign on: 1 Prepare Salesforce for single sign-on: This involves the following:
More informationAuthentication and Single Sign On
Contents 1. Introduction 2. Fronter Authentication 2.1 Passwords in Fronter 2.2 Secure Sockets Layer 2.3 Fronter remote authentication 3. External authentication through remote LDAP 3.1 Regular LDAP authentication
More informationS E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s
S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s During the period between November 2012 and March 2013, Symantec Consulting Services partnered with Bomgar to assess the security
More informationRemote Services. Managing Open Systems with Remote Services
Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater
More informationSECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our
ENDNOTE ONLINE SECURITY OVERVIEW FOR MY.ENDNOTE.COM In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our servers from attacks and other attempts
More informationMobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED. Copyright 2014 Intuition
Mobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED 1 Background Traditionally, security has not been a high priority for e-learning; as such content was hosted and only accessible at the
More informationSymantec Enterprise Vault.cloud Overview
Fact Sheet: Archiving and ediscovery Introduction The data explosion that has burdened corporations and governments across the globe for the past decade has become increasingly expensive and difficult
More informationOracle Cloud Hosting and Delivery Policies Effective Date: June 1, 2015 Version 1.5
Oracle Cloud Hosting and Delivery Policies Effective Date: June 1, 2015 Version 1.5 Unless otherwise stated, these Oracle Cloud Hosting and Delivery Policies (the Delivery Policies ) describe the Oracle
More informationSalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy
SalesForce SSO with Active Directory Federated Services (ADFS) v2.0 Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House
More informationCopyright http://support.oracle.com/
Primavera Portfolio Management 9.0 Security Guide July 2012 Copyright Oracle Primavera Primavera Portfolio Management 9.0 Security Guide Copyright 1997, 2012, Oracle and/or its affiliates. All rights reserved.
More informationWhat s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4
Page 1 Product Bulletin What s New in Juniper Networks Secure Access (SA) SSL VPN Version 6.4 This document lists the new features available in Version 6.4 of the Secure Access SSL VPN product line. This
More informationIT Architecture Review. ISACA Conference Fall 2003
IT Architecture Review ISACA Conference Fall 2003 Table of Contents Introduction Business Drivers Overview of Tiered Architecture IT Architecture Review Why review IT architecture How to conduct IT architecture
More informationThe BiGuard SSL VPN Appliances
The BiGuard SSL VPN Appliances ERP Application Guide 1. What is ERP (Enterprise Resource Planning)? 2. The current status of ERP 3. Billion s solutions for several ERP usage scenarios A. Small to medium
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationThree Ways to Integrate Active Directory with Your SaaS Applications OKTA WHITE PAPER. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107
OKTA WHITE PAPER Three Ways to Integrate Active Directory with Your SaaS Applications Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-3waysad-113012 Table
More informationSecurity Controls What Works. Southside Virginia Community College: Security Awareness
Security Controls What Works Southside Virginia Community College: Security Awareness Session Overview Identification of Information Security Drivers Identification of Regulations and Acts Introduction
More informationUnderstanding Enterprise Cloud Governance
Understanding Enterprise Cloud Governance Maintaining control while delivering the agility of cloud computing Most large enterprises have a hybrid or multi-cloud environment comprised of a combination
More informationOnly LDAP-synchronized users can access SAML SSO-enabled web applications. Local end users and applications users cannot access them.
This chapter provides information about the Security Assertion Markup Language (SAML) Single Sign-On feature, which allows administrative users to access certain Cisco Unified Communications Manager and
More informationAvoid the Hidden Costs of AD FS with Okta
Okta White paper Avoid the Hidden Costs of AD FS with Okta Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107 info@okta.com 1-888-722-7871 wp-adfs-031413 Table of Contents 1 Challenges of
More informationCloud Single Sign-On and On-Premise Identity Federation with SAP NetWeaver Cloud White Paper
Cloud Single Sign-On and On-Premise Identity Federation with SAP NetWeaver Cloud White Paper TABLE OF CONTENTS INTRODUCTION... 3 Where we came from... 3 The User s Dilemma with the Cloud... 4 The Administrator
More informationAddressing Cloud Computing Security Considerations
Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft
More informationThe Essential Security Checklist. for Enterprise Endpoint Backup
The Essential Security Checklist for Enterprise Endpoint Backup IT administrators face considerable challenges protecting and securing valuable corporate data for today s mobile workforce, with users accessing
More informationHP Software as a Service. Federated SSO Guide
HP Software as a Service Federated SSO Guide Document Release Date: July 2014 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty statements accompanying
More informationConnectivity to Polycom RealPresence Platform Source Data
Polycom RealAccess Security White Paper The Polycom RealAccess service is delivered using the Software as a Service (SaaS) model. This white paper outlines how the service protects sensitive customer data
More informationEbook Review - NOVA Time 4000 SaaS
The Elite Workforce Management Solution For state-of-the-art technology, leading-edge interfaces, and world-class support, NOVAtime 4000 Software as a Service (SaaS) is the Elite Workforce Management solution.
More informationWhite Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
More informationIntegration Guide. SafeNet Authentication Service. Using SAS as an Identity Provider for Salesforce
SafeNet Authentication Service Integration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES
CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML
More informationSAP Cloud Identity Service Document Version: 1.0 2014-09-01. SAP Cloud Identity Service
Document Version: 1.0 2014-09-01 Content 1....4 1.1 Release s....4 1.2 Product Overview....8 Product Details.... 9 Supported Browser Versions....10 Supported Languages....12 1.3 Getting Started....13 1.4
More informationMicrosoft Office 365 Using SAML Integration Guide
Microsoft Office 365 Using SAML Integration Guide Revision A Copyright 2013 SafeNet, Inc. All rights reserved. All attempts have been made to make the information in this document complete and accurate.
More informationPingFederate. Salesforce Connector. Quick Connection Guide. Version 4.1
PingFederate Salesforce Connector Version 4.1 Quick Connection Guide 2011 Ping Identity Corporation. All rights reserved. PingFederate Salesforce Quick Connection Guide Version 4.1 June, 2011 Ping Identity
More informationNCSU SSO. Case Study
NCSU SSO Case Study 2 2 NCSU Project Requirements and Goals NCSU Operating Environment Provide support for a number Apps and Programs Different vendors have their authentication databases End users must
More informationTroux Hosting Options
Troux Hosting Options Introducing Troux Hosting Options Benefits of a Hosted Troux Environment...3 Convenience...3 Time-to-Value...3 Reduced Cost of Ownership...3 Scalability and Flexibility...3 Security...4
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationSingle Sign-on. Overview. Using SSO with the Cisco WebEx and Cisco WebEx Meeting. Overview, page 1
Overview, page 1 Using SSO with the Cisco WebEx and Cisco WebEx Meeting Applications, page 1 Requirements, page 2 Configuration of in Cisco WebEx Messenger Administration Tool, page 3 Sample Installation
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationWhat is an SSL Certificate?
Security is of the utmost importance when doing business on the Web. Your customers want to know that their information is protected when crossing data lines. A Thawte SSL Web Server Certificate or SuperCert
More informationInjazat s Managed Services Portfolio
Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.
More informationProjectManager.com Security White Paper
ProjectManager.com Security White Paper Standards & Practices www.projectmanager.com Introduction ProjectManager.com (PM) developed its Security Framework to continue to provide a level of security for
More informationHP Software as a Service
HP Software as a Service Software Version: 6.1 Federated SSO Document Release Date: August 2013 Legal Notices Warranty The only warranties for HP products and services are set forth in the express warranty
More informationArchitecture Guidelines Application Security
Executive Summary These guidelines describe best practice for application security for 2 or 3 tier web-based applications. It covers the use of common security mechanisms including Authentication, Authorisation
More informationSingle Sign On for ShareFile with NetScaler. Deployment Guide
Single Sign On for ShareFile with NetScaler Deployment Guide This deployment guide focuses on defining the process for enabling Single Sign On into Citrix ShareFile with Citrix NetScaler. Table of Contents
More information