Secure any data, anywhere. The Vera security architecture

Similar documents
SOOKASA WHITEPAPER SECURITY SOOKASA.COM

Security Architecture Whitepaper

Securing and Monitoring Access to Office 365

Dell World Software User Forum 2013

What We Do: Simplify Enterprise Mobility

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

An Enterprise Approach to Mobile File Access and Sharing

activecho Frequently Asked Questions

How To Secure Shareware Kiteworks By Accellion

Secure Document Sharing & Online Workspaces for Financial Institutions

Box: Redefining Security for the Cloud

Symantec App Center. Mobile Application Management and Protection. Data Sheet: Mobile Security and Management

Securing Office 365 with MobileIron

An Enterprise Approach to Mobile File Access and Sharing

Cloud Backup and Recovery for Endpoint Devices

Fileweave. Large File Transfer. Seamless Microsoft Outlook add-in. Simple drag and drop functionality

Symantec Mobile Management 7.1

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

Symantec Managed PKI Service Deployment Options

Top. Reasons Federal Government Agencies Select kiteworks by Accellion

Symantec Mobile Management for Configuration Manager 7.2

Securing Content: The Core Currency of Your Business. Brian Davis President, Net Generation

Copyright 2012 Trend Micro Incorporated. All rights reserved.

Athena Mobile Device Management from Symantec

5 Things You Didn t Know About Cloud Backup

Symantec Mobile Management Suite

Enterprise Content Sharing: A Data Security Checklist. Whitepaper Enterprise Content Sharing: A Data Security Checklist

Information Rights Management for Banking Seclore FileSecure Provides Intelligent Document & Data Protection that Extends Beyond Enterprise Borders

Online File Sharing for Business

Powered by. FSS Buyer s Guide Why a File Sync & Sharing Solution is Critical for Your Business

Frequently Asked Questions. Frequently Asked Questions SSLPost Page 1 of 31 support@sslpost.com

Top. Reasons Legal Firms Select kiteworks by Accellion

Top. Enterprise Reasons to Select kiteworks by Accellion

Systems Manager Cloud Based Mobile Device Management

Introducing Databackup.com Cloud Backup. File Locker File Sharing & Collaboration EndGaurd EndPoint Protection & Device Management

Whitepaper. Simple and secure. Business requirements for Enterprise File Sync and Share solutions.

Vs Encryption Suites

SOOKASA WHITEPAPER CASB SECURITY OVERVIEW.

MaaSter Microsoft Ecosystem Management with MaaS360. Chuck Brown Jimmy Tsang

Imperva Skyfence Secures Office 365 Access for Mobile Employees at Metro Bank

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER

Daymark DPS Enterprise - Agentless Cloud Backup and Recovery Software

Symantec Mobile Management 7.2

An Overview of Samsung KNOX Active Directory and Group Policy Features

Security Overview Enterprise-Class Secure Mobile File Sharing

Secure Enterprise Online File Sharing with Syncplicity Date: November 2014 Author: Tony Palmer, Senior Lab Analyst, Aviv Kaufmann, Lab Analyst

Symantec Mobile Management 7.1

Safeguard Protected Health Information With Citrix ShareFile

The Cloud App Visibility Blindspot

UNCLASSIFIED. UK Archiving powered by Mimecast Service Description

Top 7 Tips for Better Business Continuity

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

CASE STUDY. Global Airline Empowers Mobile Workforce for SaaS Apps while Reducing Risk

Enterprise Mobility as a Service

Protecting Your Data On The Network, Cloud And Virtual Servers

Remote Desktop Access for the Mobile Workforce

EXECUTIVE SUMMARY Cloud Backup for Endpoint Devices

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

White Paper. Simplify SSL Certificate Management Across the Enterprise

Symantec Enterprise Vault.cloud Overview

Kaseya IT Automation Framework

Symantec Mobile Management 7.2

Problem. Solution. Quatrix is professional, secure and easy to use file sharing.

Radia Cloud. User Guide. For the Windows operating systems Software Version: Document Release Date: June 2014

How To Protect Your Data From Harm

Qlik Sense Enabling the New Enterprise

Endpoint Management and Mobility Solutions from Symantec. Adapting traditional IT operations for new end-user environments

Mac OS X User Manual Version 2.0

Business Case for Voltage Secur Mobile Edition

Comprehensive Agentless Cloud Backup and Recovery Software for the Enterprise

Directory-as-a-Service Primer (DaaS)

Simplify SSL Certificate Management Across the Enterprise

MANAGEMENT SOLUTIONS SAFEGUARD BUSINESS CONTINUITY AND PRODUCTIVITY WITH MIMECAST

Your Location Instant NOC using Kaseya. Administrator at Remote Location Secure access to Management Console from anywhere using only a browser

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

Symantec Encryption Solutions for , Powered by PGP Technology

FileDrawer An Enterprise File Sharing and Synchronization (EFSS) solution.

FileCloud Security FAQ

When enterprise mobility strategies are discussed, security is usually one of the first topics

How To Use Uniflow

One Platform for all your Print, Scan and Device Management

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

DirX Identity V8.5. Secure and flexible Password Management. Technical Data Sheet

MOBILITY & INTERCONNECTIVITY. Features SECURITY OF INFORMATION TECHNOLOGIES

Enterprise Private Cloud Storage

Enterprise Mobility Management: A Data Security Checklist. Whitepaper Enterprise Mobility Management: A Checklist for Securing Content

Copyright 2013 Trend Micro Incorporated. All rights reserved.

Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Extending Threat Protection and Control to Mobile Workers with Cloud-Based Security Services > White Paper

DirX Identity V8.4. Secure and flexible Password Management. Technical Data Sheet

SureDrop Secure collaboration. Without compromise.

AirWatch Solution Overview

CloudLink CypherX - A Defendection

Druva insync vs. Altiris/Symantec DLO. Comparison Guide

Endpoint protection for physical and virtual desktops

Secure Cloud Computing

Secure iphone Access to Corporate Web Applications

Transcription:

2015 VERA TECHNICAL WHITEPAPER Secure any data, anywhere. The Vera security architecture At Vera TM, we believe that enterprise security perimeters are porous and data will travel. In a world of continuous productivity, collaboration across companies and services, and truly productive mobility, it s vital for organizations to confront this shift head-on by attaching security directly to the data itself. The Vera platform enables businesses of all sizes to effectively protect any kind of data, and then track, audit and manage the policies securing it in real-time, no matter how far it travels. Our belief is that it is possible to secure data no matter what device, person, cloud or application it travels to, even if and after it falls into the wrong hands. Current solutions, from on-premises storage, to Enterprise Content Management (ECM), to modern enterprise sync and share tools -- like Box, Dropbox and OneDrive -- can address different parts of this problem. But, none have the capability to fully protect the full lifecycle of enterprise content. Companies regularly store and share information across multiple repositories, and the daily course of business disperses that data across different systems, from CRM to ERP to HRM and even to financial systems. As organizations and individual workers become more continuously productive, IT and security teams need tools that can simply extend these controls across platforms. Even for organizations with a clear cloud and data control strategy, this fragmentation of sources and sharing services drastically reduces the ability to monitor and control the spread of data. Moreover, all of this needs to be done with a focus on user interaction design. By making it simple and transparent to secure and share securely across any repository, companies can improve adherence to policy and dramatically improve their governance, security and data control posture Vera s unique security model follows your data wherever it goes. For every individual in your organization, we make it effortless to securely collaborate with anyone, no matter which tools they choose to use. For IT and security practitioners, Vera provides powerful management and oversight in a cloud-based platform that can coordinate and monitor activity independent of where content is stored.

The Vera Approach SIMPLE SECURE DATA PROTECTION THAT FOLLOWS YOUR CONTENT The Vera architecture is designed to address the challenges created by today s highly collaborative, cloud-based and mobile-centric work environment. Based on the assumption that traditional perimeter- and endpoint-based security solutions are ineffective ways to protect your enterprise s data, Vera provides flexible, transparent data security that is: 1. STORAGE, TRANSIT AND DATA AGNOSTIC. Due to the highly-collaborative nature of business, it is not safe to assume that enterprise data resides solely in controlled systems. A better approach is to design a system that can operate securely, independent from how information is shared or stored. And, to ensure the control, management and ownership over critical data, the platform must permit any kind of content type to be controlled and monitored consistently. 2. DATA-CENTRIC AND POLICY-DRIVEN. Secure cloud platforms permit the centralization of policies that govern the management of sensitive enterprise data. By giving organizations central control over access, sharing and collaboration, policies follow the data and can be implemented globally and automatically across the entire organization. 3. DESIGNED FOR FLEXIBILITY, ADOPTION AND COMPLIANCE. In a complex organization, data security is improved through adoption and compliance, and the fastest path to these goals is through useful, flexible and consistent user experiences. Securing data must be simple and transparent, and there must be as little friction as possible for collaborators receiving secured data -- no matter what platform or tools they choose to use. By designing a system that addresses these three key criteria, organizations can more effectively implement, manage and encourage compliance to their individual data security standards.

The Vera Architecture To address these three requirements and deliver a highly available, flexible and confidential security system that can serve both large and small businesses alike, Vera incorporates three primary components in its platform architecture: a secure cloud platform, a set of end-user clients, and a web-based administration dashboard. VERA CLOUD PLATFORM The central component of the Vera service is the cloud platform. The Vera cloud platform manages the policy and controls for each customer, or tenant on the platform, and securely manages the processes of creating keys, enforcing access policies and aggregating events and activities for audit and reporting purposes. No customer data or content is stored on the Vera Cloud Platform. VERA END-USER CLIENTS The end-user clients on mobile devices, Windows PCs and Apple OS X desktops facilitate the encyrption, decryption and policy determination for everything secured by Vera. Through each endpoint, Vera can transparently confirm identity, protect new data as it is created, enforce policy restrictions, and ensure the secure transmission of keys and policy to and from the Vera Cloud Platform. An end-user client permits IT teams to centrally manage access on devices both in and outside the enterprise s control. Securing the Enterprise Put together, these three components can secure, monitor and control any type of enterprise data, in any platform. Currently, the Vera Cloud Platform and End User Clients support the encryption and policy management for content - the documents, objects and files most frequently collaborated on by employees. When a new document is secured with Vera, the client on the employee s device requests a key from the Vera Cloud Platform. A unique key is created for that document, which identifies it in the Vera system and allows it to be associated with a policy and tracked across any repository or device. The key is stored securely on the Vera platform, and any restrictions in the policy are applied to the document. These policy restrictions include the ability to control a recipient s ability to Open, Edit, Copy, Share or Save a copy of the file. All of these activities are logged and tracked by the cloud platform, and are aggregated for viewing in the Vera Dashboard. VERA DASHBOARD The Dashboard gives both end users and administrators full visibility and control over all the activity around content, no matter where it is stored or how it is transmitted. Through the Vera Dashboard, an admin can manage access controls, set and update policies, oversee users and activity and run audit reports on usage.

Data Security in Vera SECURE CLOUD POLICY MANAGEMENT A key tenet of the Vera security model is that our platform never stores customer content or application data in any way. The primary information that lives in the Vera Cloud Platform are the policy definitions and encryption keys, separated logically for each customer. All communication between the cloud platform, device clients and the administrative Dashboard is secured in transit and at rest with at least SSL 2.0 (though TLS 1.2 is preferred) and AES 256- bit encryption. Each document secured with Vera is encrypted with a unique key that is secured within the Vera Cloud Platform. These keys are transmitted securely via TLS/SSL to the clients which form a trusted key space on the end user s device. Audit logs for every successful and unsuccessful access request to a document are recorded. Keys are not stored locally on the endpoint unless the policy owner specifically grants that privilege for offline or time-bound access. Additionally, Vera End-user Clients protect the enterprise against man-in-the middle attacks from custom or forged certificates. To decrypt and access a protected file, the opposite occurs - a request for a decryption key is sent via the Vera client to the Cloud Platform via TLS/SSL for the specific file. That request is verified against the user permissions and policy restriction for the document, and if access is confirmed, the client is given access to decrypt the file. In the absence of a client, the end user will be given the choice to view the secure file via a browser interface. All access information, including time, identity, action and location are logged for the Dashboard and audit trail. Centralization of policy management and administration is critical, ensuring that copies of documents or edited versions do not lose the original s security. The system will maintain the integrity of the original. As a result of this design, Vera employees and engineers cannot see customer content, unless the individual has been expressly granted access by a content owner. As a result, customers in even highly-regulated industries trust Vera with even their most sensitive data.

Consistent, transparent user experiences THE VERA END-USER CLIENT One of the reasons employees have not adopted traditional data and content security solutions like RMS and DRM is that they require users to change the way they work. Document-specific settings are disruptive to the process of getting things done and serve as impediments to adoption. People need instant, seamless access to their information, on any device, and at the same time, IT needs to ensure that critical information is protected. With Vera, IT can deploy a non-invasive, passive client that manages the application and enforcement of policy invisibly in the background on every user device. A user with the Vera client installed can open, edit and share information however they choose without impacting their efficiency or effectiveness. For a user in-policy, opening a secure document is no different than opening any other file. Vera provides native clients for Windows and Apple OS X desktops and laptops, as well as mobile applications for ios, Android, and Windows 8 tablets. The client is designed with the concept of smart defaults in mind, giving users the right nudges and indicators to secure important content as it is created. For access to secured documents away from a trusted device, Vera also provides a webbased document viewer that supports readonly access to content. For desktops, Vera also integrates with popular email clients like Outlook and Apple Mail, allowing users to protect attachments, apply policies, and share information directly from an email.

The Vera Policy Bar THE VERA END-USER CLIENT An important element of the Vera ecosystem is the Vera Policy Bar, the user experience element that clearly demonstrates a user s access permissions and any policy restrictions on a document. When a secure document is opened, the Vera client overlays a Policy Bar on the document that shows what restrictions are enforced. These policies can be set broadly, or on a per-document basis, and allow end users and administrators to prescribe granular permissions to documents, including the ability to limit the copy and paste of information into, out of, or across protected files. Vera provides one of the most pivotal technologies eluding enterprise IT: A solution truly balancing strong security and simple user experience. - Nick Mehta, CEO, Gainsight Finally, all Vera access points, whether web, mobile or desktop, are integrated with enterprise identity and permissions management tools like Okta and Active Directory, further improving access and transparency in the system. By allowing customers to authenticate users to Vera agents with their corporate directory service, Vera streamlines and simplifies the login, access and provisioning of accounts. Vera is geared towards users that already have accounts with Dropbox, Box, Google Drive, and OneDrive but need a way to maintain privacy control of those documents. - Ruth Reader, Venturebeat

Policy, user and content administration: THE VERA DASHBOARD The Vera Dashboard is the central console where Vera customers aggregate, analyze and take action on all the activity around their data. Returning to the fundamental assumption that perimeter and endpoint security is not enough to protect an organization s sensitive information, Vera gives both end users and IT administrators full visibility and control over all their content, no matter where it is stored or how it is transmitted. Through the Dashboard, an admin can manage access controls, set and update policies, oversee users and activity and run audit reports. The web-based dashboard provides full visibility and management, and aggregates event data in a simple, powerful dashboard. The Dashboard also allows an administrator to centrally view all policies in effect by the organization and can also update those policies in real time. This is a critical capability, allowing an admin to instantly revoke access or adjust permissions to documents that have already left the organization s control. An IT admin can also manage user accounts, control groups, create new policies, and view all files secured by Vera. Beyond simple administration and management, the Vera Dashboard is a powerful analytics and SIEM tool. The dashboard provides analytics on user adoption, policies in place, and attempted (and more importantly, unsuccessful) accesses to content. In tandem with the Vera end-user clients, this console also can provide insights into attempts to tamper with a client or endpoint in an effort to gain unsanctioned access to information.

Conclusion With a centralized cloud architecture that is content and storage agnostic, policy-driven and designed to adapt to modern work practices, Vera allows customers to provide consistent, auditable protection across all their critical content. And, by adopting Vera, organizations of all sizes and in any industry can maintain their existing investments in storage, collaboration and communication and still improve their security profile. Vera is a data and content security solution that enhances IT s ability to protect, govern and manage the transmission of information without impacting employees or the existing security choices the organization has made. Files secured by Vera can still be protected by gateways, firewalls and endpoint technologies, but customers choosing Vera can now extend these controls beyond the boundaries of their business. With Vera, you can: Enable employees to work in the tools of their choice, on their terms, without sacrificing security and control Automatically apply policy transparently to information created by your organization Extend policy, data governance, and compliance requirements beyond traditional security perimeters Track, audit, and manage access to confidential information in transit and at rest Secure enterprise data no matter which repository, cloud collaboration platform, or device it resides on For more information about Vera, or to schedule a demonstration for your organization, please visit us at www.vera.com or find us on Twitter @veratalk Vera 2015. All rights reserved. Vera and the Vera logo are trademarks of Vera. All other logos, trademarks and registered trademarks are the properties of their respective owners. Document 2015001

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information