Secure and control how your business shares files using Hightail



Similar documents
FileCloud Security FAQ

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Cloud Contact Center. Security White Paper

Security Information & Policies

Security Overview Enterprise-Class Secure Mobile File Sharing

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

Cloud Contact Center. Security White Paper

Securing Content: The Core Currency of Your Business. Brian Davis President, Net Generation

HIPAA and Cloud IT: What You Need to Know

Projectplace: A Secure Project Collaboration Solution

Blue Jeans Network Security Features

Did you know your security solution can help with PCI compliance too?

Box: Redefining Security for the Cloud

GoodData Corporation Security White Paper

ClickTale Security Standards and Practices: Delivering Peace of Mind in Digital Optimization

Data Storage That Looks at Business the Way You Do. Up. cloud

OCTOBER 2015 TAULIA SUPPLIER ARCHITECTURE OVERVIEW TAULIA 201 MISSION STREET SAN FRANCISCO CA 94105

Security Considerations

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

Data Storage that Looks at Business the Way You Do. Up. cloud

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Addressing Cloud Computing Security Considerations

Retention & Destruction

Birst Security and Reliability

Egnyte Security Architecture

White Paper How Noah Mobile uses Microsoft Azure Core Services

FormFire Application and IT Security. White Paper

FTP-Stream Data Sheet

StratusLIVE for Fundraisers Cloud Operations

The Education Fellowship Finance Centralisation IT Security Strategy

Nuance OnDemand provides security and reliablity.

Logz.io See the logz that matter

HIPAA Privacy & Security White Paper

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

Delivering peace of mind in digital optimization: Clicktale's security standards and practices

Level I - Public. Technical Portfolio. Revised: July 2015

DMZ Gateways: Secret Weapons for Data Security

Autodesk PLM 360 Security Whitepaper

Security Practices, Architecture and Technologies

The Challenge. The Solution. Achieve Greater Employee Productivity & Collaboration...while Protecting Critical Business Data

MANAGED FILE TRANSFER: 10 STEPS TO SOX COMPLIANCE

全 球 資 安 剖 析, 您 做 確 實 了 嗎? Albert Yung Barracuda Networks

Vendor Questionnaire

Information That Should Help You Sleep at Night

Security Policy JUNE 1, SalesNOW. Security Policy v v

Five keys to a more secure data environment

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER

PCI Compliance for Cloud Applications

Injazat s Managed Services Portfolio

Top. Reasons Federal Government Agencies Select kiteworks by Accellion

BMC s Security Strategy for ITSM in the SaaS Environment

The Netskope Active Platform

March

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

System Security Plan University of Texas Health Science Center School of Public Health

Our Key Security Features Are:

Securely Yours LLC IT Hot Topics. Sajay Rai, CPA, CISSP, CISM

CloudDesk - Security in the Cloud INFORMATION

Time to Value: Successful Cloud Software Implementation

Enterprise Content Sharing: A Data Security Checklist. Whitepaper Enterprise Content Sharing: A Data Security Checklist

PCI Requirements Coverage Summary Table

twilio cloud communications SECURITY ARCHITECTURE

Egnyte Security Architecture. White Paper

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

KeyLock Solutions Security and Privacy Protection Practices

PCI Requirements Coverage Summary Table

Why Encryption is Essential to the Safety of Your Business

MANAGED FILE TRANSFER: 10 STEPS TO PCI DSS COMPLIANCE

Tenzing Security Services and Best Practices

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

A Decision Maker s Guide to Securing an IT Infrastructure

How NETGEAR ProSecure UTM Helps Small Businesses Meet PCI Requirements

CONTENT OUTLINE. Background... 3 Cloud Security Instance Isolation: SecureGRC Application Security... 5

QuickBooks Online: Security & Infrastructure

How To Secure Shareware Kiteworks By Accellion

BANKING SECURITY and COMPLIANCE

V1.4. Spambrella Continuity SaaS. August 2

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

Document control for sensitive company information and large complex projects.

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

PCI DSS Reporting WHITEPAPER

Using Automated, Detailed Configuration and Change Reporting to Achieve and Maintain PCI Compliance Part 4

HEC Security & Compliance

locuz.com Professional Services Security Audit Services

Cloud-enable your Storage with EgnytePlus File Sharing Infrastructure

Problem. Solution. Quatrix is professional, secure and easy to use file sharing.

SAS 70 Type II Audits

How To Secure Your Store Data With Fortinet

Security Controls for the Autodesk 360 Managed Services

DRUVA SECURITY OVERVIEW ICT AFRICA CAPE TOWN LEE MEPSTED EMEA CHANNEL MANAGER

Transcription:

HIGHTAIL FOR ENTERPRISE: SECURITY OVERVIEW Secure and control how your business shares files using Hightail Information the lifeblood of any business is potentially placed at risk every time digital files are shared. Whether a company s employees use email or FTP, or look to bypass the limitations of these services with unsanctioned sharing tools, the inadequate security and compliance standards of these methods is a serious liability. Hightail solves this problem with an enterprise-grade service that gives users the ability to share files easily, while providing IT with the required security infrastructure, comprehensive controls and data tracking capabilities. The enterprise administrative controls around Hightail were one of the criteria that made this a good solution for us. James Brennan, Executive Director, Sony Pictures Files stored and shared with Hightail are secured, controlled and managed over three different levels: User level Intuitive user experience requires minimal training or IT assistance File sharing controls including passwords, expiration dates and identity confirmation help protect sensitive files Folders can be shared with full edit permissions or as view-only Uniform experience across web, desktop and mobile apps Enterprise level IT can set global controls and configure rules for enterprise data sharing Seamless integration with existing systems, including Active Directory and LDAP, allows for quick deployment SAML provisioning reduces IT workload by automating account setup Dashboards and usage reports allow IT to monitor usage at a granular level and maintain audit trails Cloud level Physical access to data centers is restricted using state of the art surveillance and access controls Network is monitored 24x7x365 using a dedicated Network Management System Data is encrypted in transit and rest by 256-bit AES encryption Compliant with SSAE 16, PCI DSS, Safe Harbor framework and enables organizations to meet industry regulations like HIPAA, GLBA

User level security Enterprise users need to actively access, share, and collaborate with other users within and outside the enterprise without their productivity being obstructed by security concerns. Hightail s robust security infrastructure and advanced, yet simple security controls allow users to work productively without hassle. Traditional tools such as email and FTP limit the amount of control users and IT can exercise over shared data. When sharing folders via Hightail, users can specify permissions at a granular level to allow accessing users to view only or modify content. When sending files, Hightail provides additional controls, including passwords and file expiration dates. Selecting the return receipt and verify recipient identity options and tracking downloads and other file activities, help users ensure their files reach the right recipients. The security features on Hightail are available across the web, desktop and mobile apps providing a familiar, uniform experience no matter which device is being used. Enterprises can leverage existing Single Sign-On (SSO) infrastructure so users don t need to remember yet another username and password. All of these user level features allow businesses to strike the appropriate balance between user productivity and IT control, all with minimal maintenance overhead. And while the Bring Your Own Device (BYOD) trend continues to keep many IT leaders up at night, Hightail mobile products have additional security measures such as PIN protection, encrypted local storage and data wipe that can prevent unauthorized access should a device fall into the wrong hands. Enterprise level security Hightail integrates seamlessly with existing infrastructure and applications while providing IT with granular control capabilities. Enterprises can quickly get started using Active Directory/LDAP or SAML 2.0 integration to enable SSO, while SAML provisioning support Folder permissions (View/modify) Password protection File expiration options Return receipt Verify recipient identity Download tracking Pin protection (mobile) Data wipe (mobile) The ability to have some control over your files at a very low level of an organization is huge. It means you are not always going back upstream to IT for permission. Mitch Hamm Center Director, Alabama Technology Network

eases the work of IT by automating the user account setup process. In managing accounts, Hightail provides administrative flexibility by allowing IT admins to set global controls, use new or existing rolebased groups or apply policies at the individual account level. Hightail leads the industry in providing IT with comprehensive monitoring and tracking capabilities so organizations know where their data is at all times. Administrators can use the Dashboard to acquire insights into usage parameters including user counts, data transfer information and inbound/ outbound domains. For transaction level details, they have the Usage Report, which not only provides a log of all enterprise transactions, but also the ability to quickly find specific information using filters on various parameters including user, date, filename and event type. If they suspect an unauthorized file share, administrators have the ability to download and block downloads of any file that has been shared on Hightail. Active Directory and LDAP integration SAML 2.0 integration & provisioning Global policy settings Role-based groups Usage reports (audit log) Block download Customized branding Being able to go in and see what has happened with files and expire them if necessary has given my IT team the control they needed. Our auditors were absolutely amazed. Noah Broadwater VP, Digital Products and Technology, Special Olympics

Hightail s fit with enterprise security is strengthened by its integration with existing policies and systems. Hightail integrates with existing company MDM (Mobile Device Management), DLP (Data Loss Prevention) and DRM (Digital Rights Management) systems to enable a consolidated IT strategy that extends the company policies, rules and control to data stored in the cloud. IT administrators also have the option of adding their company logo to Hightail, providing users with a consistent experience across different systems and applications, while promoting their brand when sharing files externally. Cloud level security Hightail is trusted by over 40M users, including professionals at 98% of the Fortune 500, for user and IT level controls and rigorous security measures. Reliable and resilient architecture ensures Hightail has no single point of failure and services are available to users at all times. Data is secured at all layers including physical, network, transmission, data and application to ensure end-to-end security for corporate information. The ability to secure and track the data coming in and out of our offices, while avoiding new infrastructure investment and associated operating costs made Hightail very compelling. Andrew Marks CIO, Tullow Oil Physical security Hightail data centers enforce stringent physical security measures in build and access and also maintain certifications such as SSAE 16 SOC 1/2, ISO27001, and ISO25999. The data centers are globally located and protected by double walled construction and biometrically protected cages. They mitigate environmental risk with sophisticated disaster protection that includes seismic protection, water suppression and drypipe fire protection. They also feature multiple active power and cooling distribution paths to ensure that services are available at all times. SSAE 16 SOC 1/2 compliant Seismic, fire protection Redundant power supplies Video surveillance Biometric scanning Detailed audit logs Data center access is strictly controlled and restricted only to designated persons within the Operations team. Data centers are monitored by manned security and video surveillance round the clock. Accessing production systems requires three points of access that are guarded by mantraps and biometric scans with PINs. Hightail maintains detailed audit logs and continuously monitors all operational systems.

Network security Hightail provides multiple solutions to address network security threats as information flows back and forth from data centers to customer and third party systems. Hightail monitors its entire network, including the production application and underlying infrastructure components at all times using a dedicated Network Management System. Real-time alerts are sent to on-call Operations staff members for resolution. All incoming and outgoing traffic between the production environment and other networks corporate and untrusted is monitored by ISP grade firewalls. To protect the systems from DoS/DDoS (Denial of Service) attacks and ensure availability, Hightail employs carrier grade network equipment and redundant internet links. Finally, to ensure the reliability of the network infrastructure against increasingly sophisticated hacking methods, the company performs weekly vulnerability scans and engages third party security firms to perform penetration and application vulnerability testing. Application security The Hightail application is designed with security as a key consideration at every stage. The web application is multi-tiered into logical segments (front-end, mid-tier and database), each independently firewalled from each other in a DMZ configuration. This guarantees maximum protection while giving developers the flexibility of a multi-layer architecture. The Hightail application development goes through multiple checks and balances to ensure that development or testing processes do not impact the production systems and data. These checks include putting every change through a formal release engineering process, maintaining physically and logically separated development environments and finally, performing full functional testing of all changes in a QA environment before deployment to production. Following this rigorous development and release process allows Hightail to deliver new features and improvements while maintaining a solid and secure foundation. 24x7x365 monitoring ISP grade firewalls DoS/DDoS protection Vulnerability scanning Penetration testing Hardened operating system Multi-tiered DMZ configuration Formal release engineering process Full functional QA testing

Data security One of the critical vulnerabilities with traditional sharing tools like FTP is the absence of data encryption, which allows hackers to sniff packets out of the network and directly intercept the data. Hightail encrypts data in transit by providing up to 256-bit AES encryption along with support for forward secrecy, ensuring that deciphering intercepted information is impossible now and in the future. Hightail leaves no stone unturned in protecting the customer data stored on its servers. At the server level, files at rest are stored and individually secured using a patented three level encryption technology that is certified by FIPS 140-2 and CC EAL2+, the US Government and international standards for computer security. A 256-bit AES encryption and dynamic key management ensures every key access is logged providing real-time revocation and full auditing. Redundant encrypted copies 256-bit AES encryption Dynamic key management FIPS 140-2, CC EAL2+ certification To protect data against any server wear and tear, Hightail uses redundant encrypted storage, meaning that copies of every file are stored on multiple servers to safeguard against data loss. When users delete files, they are held on the disks for seven days for recovery reasons after which all data copies are completely purged from the systems. Compliance Hightail s end-to-end security features meet stringent compliance requirements and allow organizations to meet a number of industry regulations as they extend their IT infrastructure to the cloud. Hightail is audited annually by a Big Four audit firm to attest to its compliance with regulations such as SSAE 16 security and confidentiality principles and publish SOC 2 type II reports to confirm the design and effectiveness of its controls. Hightail is also independently certified to be compliant with PCI DSS (payment card data security standards) and US/EU Safe Harbor framework to ensure proper collection, use and retention of personal information. Hightail s security features also enable organizations to meet a variety of industry regulations, including HIPAA (Health Insurance Portability and Accountability Act), a

regulation that addresses security and privacy of health data and GLBA (Gramm Leach Bliley Act), which addresses consumer information protection by financial institutions. Enterprise-grade security, now and in the future With fast growing trends such as Consumerization of IT and BYOD, cloud sharing solutions offer significant value in increasing user productivity and collaboration, but can make business information vulnerable through unsanctioned file sharing applications and uncontrolled file sharing via email and FTP. Hightail provides a solution that satisfies IT requirements not just in terms of robust security and granular control over enterprise data, but also by providing an intuitive data sharing experience that results in quick and easy adoption by users. Find out how hightail can help your business call 1.866.558.7363 email sales@hightail.com Hightail recognizes that the challenge of maintaining enterprise-grade security is ongoing and the company continually invests in improving its security infrastructure to remain ahead of potential new dangers. Hightail has recently acquired adeptcloud, the industry s first privacyfocused collaboration solution, and joined the Cloud Security Alliance, a coalition of industry practitioners with a mission to promote and define best practices for providing security assurance within cloud computing. These developments, along with the continued focus on existing infrastructure and features, ensure that Hightail is providing its customers with the best security for their business information now and in the future.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information