Security and Control of Data in the Cloud with BitTitan Data Encryption


Contents

Ownership and Control of Data in the Cloud
Unstructured Sensitive Information in Email/Calendars
How Can Email Be Exposed?
Email and Regulatory Compliance
The Data Lifecycle
Protect Data throughout its Lifecycle

Copyright 2015, BitTitan, Inc.

Ownership and Control of Data in the Cloud

BitTitan DataEncryption offers a solution to a key problem standing in the way of broader cloud adoption: maintaining ownership and control of data that is processed and stored by third-party cloud services such as Office 365.

Most decision-makers recognize the financial benefits of moving their businesses to the cloud. The savings in staffing and infrastructure can be significant over the costs of maintaining data centers and the staff required to manage them. In addition, moving to the cloud can be a smart move from a security point of view. Cloud service providers have a dedicated focus on providing secure, highly scalable and available systems for their customers; that is their only job. Contrast this with on-premise infrastructure, where IT is a secondary concern and security is not always a top priority.

But while the arguments are numerous for moving to the cloud, many companies are rightly concerned over the issue of ownership and control of their information. A company's information is its lifeblood, and it can be uncomfortable ceding a measure of control over it. Ultimately, it is the responsibility of the company to protect its sensitive information, and that responsibility cannot be transferred to a third party no matter how trusted they may be.

When discussing security in the cloud, many focus on the protection of documents and systems, and many tools exist to attempt to control the distribution of structured information. But surprisingly little attention gets paid to the case of unstructured sensitive information in day-to-day email.

Unstructured Sensitive Information in Email/Calendars

Email and calendar information can contain a vast amount of information, from the trivial to the business critical, all in an unstructured form which is very difficult to automatically identify and filter. Something as simple as a casual discussion between executives about a potential partner could have huge consequences if revealed.

As an example, in the recent Sony Pictures hack, what was thought to be private email was released to the public. This email included details of talent compensation, negotiations, and personal opinions of various talent, all of which will make future negotiations much more difficult and expensive, and have embarrassing ramifications for the company as a whole.

Unstructured company information commonly found in email includes:

Trade secrets: It sounds silly to say it, but trade secret protection is only maintained as long as the information is kept secret. It is the responsibility of the company to make reasonable efforts to protect the information, and there is legal recourse if the information is misappropriated. But accidental release voids protection. And even in the case of misappropriation, once the information is out, it is, by definition, no longer secret.

Product plans: Most companies that invest in new product development use email extensively to discuss plans, share details, organize meetings, explore patent protection, etc. All of this information would be very valuable to competitors.

Negotiation details: Negotiating contracts, prices, partnerships, mergers, acquisitions, or any of a myriad of business deals requires communication. Most of that is discussed over email, and calendar details of who met with whom, and when, can be very valuable intelligence.

Competitive information/discussions: Analysis of the competition and subsequent compete planning is exchanged via email. Exposure of this information can damage your ability to execute on plans.

Employee reviews: The details of an employee review are confidential information, and release could lead to legal actions by the employee. In addition, private discussions about employees that do not make it into the formal review may contain information that would be inappropriate to share.

Private executive discussions: Executives need to be free to discuss a wide range of issues over email, without fear of disclosure. This can be corporate strategy, pie-in-the-sky long-range plans, or even simply opinions expressed in impolitic terms.

Meeting details: Exposure of calendar information can give a very clear picture of business relationships, and exposure of minutes from what should be confidential meetings can damage relationships and potentially scuttle partnerships.

Employee personal information: Human resource departments often require personal information from employees, much of which is sent via email. Companies have legal responsibility to protect this personal and sensitive information.

Legal/privileged information: Communication with counsel is privileged and often sensitive, yet it is common to carry on extensive discussions over email.

And more: It makes sense to ask yourself the question, "What would the cost to my company be if all of our internal emails and calendars were made public?"

How Can Email Be Exposed?
While cloud providers take great pains to provide secure and trustworthy services, ownership and responsibility of your information ultimately rests with you, and there are a number of ways your private data could be exposed.

Government snooping: Recent revelations have made it clear that many governments are actively engaged in large-scale data gathering on citizens in the name of national security. This can be internal to a specific country or extraterritorial, as in the reported activities of the NSA and GCHQ under the PRISM and MUSCULAR programs.

Unauthorized disclosure through subpoena: When a legal subpoena requesting customer data is presented to a cloud data provider, they have no option but to comply. Often, the company will not be allowed to let the target of the action know that their data has been provided. Such subpoenas may even be applied extraterritorially; for example, requiring that data of a foreign company which is hosted on US-owned servers outside of the USA be turned over to US agencies.

Malicious actions: No matter how secure data centers may be, they are still run by people. And a rogue admin with the right access can bypass most security. In addition, hackers are constantly probing for weaknesses that would allow man-in-the-middle attacks or other ways to intercept data in transit.

Accidental disclosure: Data co-mingling, unencrypted data in memory snapshots, and general operational processes may expose data outside of expected channels.

Email and Regulatory Compliance

No single product can guarantee compliance with any particular set of regulations. At the end of the day, it is up to the owner of the data to guarantee compliance. It is your data, and you need to maintain control over it even when you store it in the cloud. While BitTitan DataEncryption cannot, in itself, guarantee you are compliant, it can form an important piece of your compliance plan. There are two main areas of compliance for which encryption at rest, in transit and in use can act as key components.

Data residency: Many countries have regulations requiring that personal information not be transmitted outside of the country of origin. This can be a barrier to moving to the cloud since, in most cases, the provider will have data centers serving multiple countries. In the case of Office 365, Microsoft will not guarantee that data on its servers won't be relocated outside of the initial region for support and maintenance purposes. Residency concerns can be addressed by encrypting data in the country prior to sending it to the cloud servers, and by maintaining the encryption keys within the country of origin. Note that personal information can be broadly defined and often can be found in unstructured form within email.
Privacy: There are a host of regulatory entities aimed at protecting the privacy of users of data services. Private information ranges from Personal Health Information (PHI) to Personal Commercial Information (PCI) to Personally Identifiable Information (PII). There are dedicated solutions for many business types, but for the most part they focus on formal structured documents and information, for example a credit card order form or a medical record form. However, all sorts of private information can be and is found in unstructured form within emails. For example, imagine a doctor sending an email to his nurse asking that she order a specific test suite for a patient. This simple request carries a wealth of information about the patient which needs to be protected.

The Data Lifecycle

Cloud data exists in three states during its lifecycle; however, standard encryption solutions only protect the data in two of those states.

In-transit: Data is in-transit when it travels over the internet from the user to the cloud, between data centers in the cloud, and from the cloud back to the user. Data in transit is generally protected by SSL or TLS encryption. SSL is widely used to protect everything from web transactions to email. TLS is a superset of SSL with additional security features and is generally used between data centers and to connect mail servers.

At-rest: Data is at-rest when it is stored on a physical device, including your PC or a server at the cloud service provider. Data at rest is often protected with strong encryption, which makes it virtually impossible to access the data should a thief steal a computer or server drive.

In-use: Data is in-use when it is read into memory from a storage device, for example when you turn on your encrypted laptop or an Office 365 server loads your email into memory. Data in use is not usually protected by encryption due to the complexity of having data be both encrypted yet usable.

Protect Data throughout its Lifecycle

BitTitan DataEncryption addresses the gap by protecting data in use without compromising access or user functionality. Information is encrypted at the DataEncryption proxy, and remains encrypted in-transit, at-rest and in-use in the cloud. Because the encryption keys are stored separately from the cloud data, if email is exposed through snooping, malicious actions, legal requirement or simple accident, all released content will be unreadable encrypted information.

At the same time, BitTitan's advanced encryption technology means:

The user maintains easy access to email and calendar data with full functionality, without the need to install any new software or make any changes.

All mail they send and receive and all of their calendar data is stored in the cloud, fully encrypted.

This gives the user the freedom to work normally using Outlook on a computer, Outlook Web Access in a browser, or on their mobile device using ActiveSync.
BitTitan DataEncryption provides companies control over their email in the cloud with persistent end-to-end encryption while in-transit, at-rest and in-use, without requiring users to master new technology or install any additional software.

Control Your Information with BitTitan DataEncryption

The benefits of moving to the cloud are very real, but so are the risks and the potential cost of the release of confidential information. Internal company email holds tremendous amounts of information that can cost your company time, money, and legal exposure if stolen or inadvertently made public.

BitTitan's DataEncryption protects your internal email and calendar data in transit, at rest, and in use, and keeps the encryption keys separate from the data, allowing you to maintain control and ownership over your information in the cloud.

To learn more about BitTitan DataEncryption, please visit https://www.bittitan.com/products/#dataencryption or contact sales@bittitan.com.

About BitTitan

BitTitan is the IT change automation expert that delivers end-to-end solutions for migration and onboarding challenges. Unlike competitive solutions, BitTitan removes barriers to change, including complexity, risk, cost and time constraints. With IT change automation, users can be current, have a choice, maintain control and eliminate chaos. Its globally recognized products, MigrationWiz, DeploymentPro, UserActivation, DataEncryption and SmtpLogic, deliver tailored solutions for today's challenges, such as Office 365 onboarding, email and archive migration, as well as Office 365 security and controls. The credible, safe and trusted choice for both direct and partner channels, BitTitan has migrated more than 1.5 million mailboxes to the cloud in more than 100 countries. For more information, visit www.bittitan.com.

BitTitan, Inc.
3933 Lake Washington Blvd, Suite 200
Kirkland, WA 98033 USA
sales@bittitan.com