SECURITY AND REGULATORY COMPLIANCE OVERVIEW



Similar documents
SECURITY AND REGULATORY COMPLIANCE OVERVIEW

Security Information & Policies

Google Identity Services for work

The increasing popularity of mobile devices is rapidly changing how and where we

NCSU SSO. Case Study

JVA-122. Secure Java Web Development

Google Apps Deployment Guide

WALKME WHITEPAPER. WalkMe Architecture

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Paxata Security Overview

APIs The Next Hacker Target Or a Business and Security Opportunity?

Tableau Online Security in the Cloud

Egnyte Cloud File Server. White Paper

SOLUTION BRIEF SEPTEMBER Healthcare Security Solutions: Protecting your Organization, Patients, and Information

nexus Hybrid Access Gateway

ProjectManager.com Security White Paper

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Web application security: automated scanning versus manual penetration testing.

Security Overview Enterprise-Class Secure Mobile File Sharing

WHY MENTORING? SOFTWARE TO EASILY START, MANAGE, AND MEASURE MENTORING PROGRAMS

Your Mission: Use F-Response Cloud Connector to access Google Apps for Business Drive Cloud Storage

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

MOBILITY. Transforming the mobile device from a security liability into a business asset. pingidentity.com

Auditing the Security and Management of Smart Devices. ISACA Dallas Meeting February 13, 2014

Egnyte Single Sign-On (SSO) Installation for OneLogin

TrustedX: eidas Platform

Dropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description

Active Directory Integration twitter.com/onelogin ONELOGIN WHITEPAPER

Working with Indicee Elements

FTP-Stream Data Sheet

Delivering peace of mind in digital optimization: Clicktale's security standards and practices

Anypoint Platform Cloud Security and Compliance. Whitepaper

EXECUTIVE VIEW. SecureAuth IdP. KuppingerCole Report

Intunex Oy Skillhive Service Description 1 / 6

Using AWS in the context of Australian Privacy Considerations October 2015

The Netskope Active Platform

Sisense. Product Highlights.

SOFTWARE TO MANAGE HIGH-IMPACT ONBOARDING PROGRAMS ACCELERATE EMPLOYEE TIME TO PERFORMANCE WITH CHRONUS SOFTWARE YOUR COMPLETE ONBOARDING SOLUTION

Social Application Guide

Data safety at UXprobe. White Paper Copyright 2015 UXprobe bvba

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

Trust but Verify: Best Practices for Monitoring Privileged Users

A COMPLETE GUIDE HOW TO CHOOSE A CLOUD-TO-CLOUD BACKUP PROVIDER FOR THE ENTERPRISE

twilio cloud communications SECURITY ARCHITECTURE

SAML-Based SSO Solution

How To Set Up Egnyte For Netapp Sync For Netapp

Optimizing the Cloud for P&C Insurance Claims Settlement

Cloud Security Trust Cisco to Protect Your Data

Directory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA

Microsoft Power BI. Nov 21, 2015

Helping people make better decisions DATA SECURITY POLICY. Kiilakiventie 1, Oulu, Finland tel:

The Anti-Corruption Compliance Platform

Public Cloud Offerings and Private Cloud Options. Week 2 Lecture 4. M. Ali Babar

Single Sign On. SSO & ID Management for Web and Mobile Applications

EXTENDING SINGLE SIGN-ON TO AMAZON WEB SERVICES

Administering Google Apps & Chromebooks for Education

User Management Tool 1.5

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

Adding Stronger Authentication to your Portal and Cloud Apps

Beyond passwords: Protect the mobile enterprise with smarter security solutions

Administering Jive Mobile Apps

Integrating LivePerson with Salesforce

Directory Integration with Okta. An Architectural Overview. Okta White paper. Okta Inc. 301 Brannan Street, Suite 300 San Francisco CA, 94107

Secure and control how your business shares files using Hightail

Dell World Software User Forum 2013

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

Managing Your Microsoft Windows Server Fleet with AWS Directory Service. May 2015

FileCloud Security FAQ

PortWise Access Management Suite

Cloudwork Dashboard User Manual

Hans Bos Microsoft Nederland.

Dropbox for Business security A Dropbox whitepaper

Cloud Computing An Auditor s Perspective

A Comparison of PaaS clouds with a Detailed Reference to Security and Geoprocessing Services

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Protecting Data and Privacy in the Cloud

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1

Hayri Tarhan, Sr. Manager, Public Sector Security, Oracle Ron Carovano, Manager, Business Development, F5 Networks

Addressing Cyber Security in Oracle Utilities Applications

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.

Managing Privileged Identities in the Cloud. How Privileged Identity Management Evolved to a Service Platform

Increase the Security of Your Box Account With Single Sign-On

Copyright Pivotal Software Inc, of 10

SAST, DAST and Vulnerability Assessments, = 4

Web Conferencing: Unleash the Power of Secure, Real-Time Collaboration

TrustedX - PKI Authentication. Whitepaper

Copyright Telerad Tech RADSpa. HIPAA Compliance

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

Transcription:

Powering Cloud IT SECURITY AND REGULATORY COMPLIANCE OVERVIEW

Executive Summary BetterCloud provides critical insights, automated management, and intelligent data security for cloud office platforms. As with any third-party application, it is important to understand the access you are granting to BetterCloud once it is installed on your Google Apps domain. While we will refer to the product throughout this security overview, the measures, controls and certifications discussed in this security overview apply to BetterCloud as a company, and thus to all of our products. This security white paper gives IT administrators an in-depth look at the security measures taken by BetterCloud to protect customer data, as well as the specific access points required by the product. The policies described in this document are current, and will be updated immediately upon any changes. BetterCloud s security process is based on well-defined security best practices that ensure the proper controls at all levels of data storage and access. In this security overview, we will cover the following topics: Corporate Security Policies Secure Hosting: Google App Engine Security Measures Data Access and Storage Access Control Systems Development Regulatory Compliance

BetterCloud Security Overview CORPORATE SECURITY POLICIES BetterCloud is committed to ensuring the security of all data associated with your Google Apps Domain. Given its deep integration with the Google Cloud Platform, BetterCloud is uniquely positioned to provide the highest level of security to all customers. Please read our: Privacy Policy Terms of Service Secure Hosting: Google App Engine BetterCloud is built and hosted exclusively on the Google App Engine (GAE) platform. Thus, the physical securities of BetterCloud are equivalent to that of Google App Engine, which Google uses to run Google Apps as well. BetterCloud uses a number of Google APIs - Application, Domain Admin, OAuth 2.0, and Apps Marketplace - to access different parts of our customers' Google Apps accounts. BetterCloud uses the Python Datastore, which is an object datastore that provides scalable storage. This information is physically stored within Google s own data centers, the same place where your Google Apps account information lives. BetterCloud can be installed through the Google Apps Marketplace, which is managed solely by Google and houses hundreds of third-party software applications that integrate with Google Apps. SECURITY MEASURES OAuth 2.0 The OAuth 2.0 open standard allows customers to authorize BetterCloud to access their Google Apps domain without sharing their actual Google Apps account credentials. This minimizes risk as customer passwords are never known, stored or shared with BetterCloud. Single Sign-On (SSO) Usernames and passwords are never created, given, or stored by BetterCloud, as all user logins are verified using Single Sign-On. This creates an added level of security as well as a seamless integration between Google Apps and BetterCloud. Real-time API Permissions Checks Just as only super administrators of a Google Apps domain may access the Google Admin Console, BetterCloud performs a real-time permissions check to ensure that only the proper parties gain access to BetterCloud. Nonsuper administrators may access parts of the application only if granted permissions by a super administrator. Access permissions can be granted using BetterCloud s access control feature. For more information regarding Google Apps Security, please view Google s own Security and Privacy Documentation. Secure Browser Connections (HTTPS) HTTPS provides a secure internet connection between https://g.bettercloud.com, which runs on Google App Engine, and a customer's local computer. This secure connection provides a bidirectional encryption of communications.

BetterCloud Security Overview DATA ACCESS AND STORAGE APIs BetterCloud has access to the following APIs: Users, User Provisioning, User Nicknames, Groups Provisioning, Organizational Units, Contacts, Calendar, Calendar Resources, Docs, Sites, Spreadsheets. Metadata Google Drive metadata is indexed by BetterCloud so that the customer can perform real-time searches, as real-time API calls are not always feasible. Metadata includes: Owner, Owned by OU, Doc Titile, Shared With, Exposure Level, Last Updated, Doc Type, File Extension, Doc Size. SYSTEMS DEVELOPMENT Overview Much like Google Apps, BetterCloud is an evolving application, meaning that there is an ongoing process of design, development, and operation. The BetterCloud Development Team has created a strict protocol for developing, testing, and deploying new code. Software Design Technical Architects analyze software design too advise against security risks including: cross-site scripting injection, SQL injection and improper access to application functions. Uninstall Uninstalling BetterCloud from the Google Admin Console will cut off all communication between the customer s domain and BetterCloud. Customers can submit a request when they uninstall or follow the instructions in our privacy policy to have all of the metadata removed from the BetterCloud Data Store. Completed Software Technical Architects and Technical Leads perform static code analysis to ensure against security risks and issues. Quality Assurance Quality Assurance engineers perform dynamic analysis of the live application to ensure the system meets stated requirements. Deployment Periodic review and fast response to incident reports. Overview of BetterCloud s systems development process Software Design Technical Architects analyze software design. Completed Software Architects perform static code analysis. Quality Assurance QA Engineers and Analysts perform dynamic analysis of application. Deployment Period review and fast response to incident reports.

Regulatory Compliance SSAE 16 Type 2 SOC 2 and Type 1 SOC 1 BetterCloud has successfully completed both the Type 1 SOC 1 and the Type 2 SOC 2 Examinations. These examinations, the same to which industry leading companies like Google and Amazon hold themselves, show BetterCloud's continued commitment to data security and privacy in the cloud. Audits, conducted by BrightLine CPAs & Associates, Inc., a leading provider of attestation and compliance services, report on internal controls at a service organization as they relate to security, availability, processing integrity, confidentiality and privacy and can be used as part of a customer s cloud compliance strategy. For additional information about the SOC 2 examination, visit aicpa.org Privacy Policy - US - EU Safe Harbor Safe Harbor certification ensures that BetterCloud complies with Safe Harbor Principles established in the EU Directive 95/46/EC on the protection of personal data. Privacy Policy - TRUSTe TRUSTe certification ensures that BetterCloud's privacy and data collection practices have been reviewed and approved by an independent third party based on the guidelines set forth by TRUSTe for transparency, accountability and choice regarding the collection and use of a consumer personal information. To learn more about security at BetterCloud or to ask a specific question, please email security@bettercloud.com.

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information