The PerspecSys PRS Solution and Cloud Computing

Similar documents
CANADIAN PRIVACY AND DATA RESIDENCY REQUIREMENTS. White Paper

Managing business risk

The Evolving Threat Landscape and New Best Practices for SSL

Secure Inside the Corporate Network: INDEX 1 INTRODUCTION 2. Encryption at the Internal Desktop 2 CURRENT TECHNIQUES FOR DESKTOP ENCRYPTION 3

Internet threats: steps to security for your small business

Oracle Identity Management for SAP in Heterogeneous IT Environments. An Oracle White Paper January 2007

CLOUD COMPUTING FOR SMALL- AND MEDIUM-SIZED ENTERPRISES:

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Secure Messaging is far more than encryption.

Healthcare Security and HIPAA Compliance with A10

Choosing a Cloud Hosting Provider with Confidence THAWTE SSL CERTIFICATES PROVIDE A SECURE BRIDGE TO TRUSTED CLOUD HOSTING PROVIDERS

Are your multi-function printers a security risk? Here are five key strategies for safeguarding your data

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

SOLUTION BRIEF Enterprise Mobility Management. Critical Elements of an Enterprise Mobility Management Suite

TOP SECRETS OF CLOUD SECURITY

Test Data Management for Security and Compliance

Securing Corporate Data and Making Life Easier for the IT Admin Benefits of Pre Boot Network Authentication Technology

Securing Data in the Virtual Data Center and Cloud: Requirements for Effective Encryption

Compliance in 5 Steps

Preemptive security solutions for healthcare

68% Meet compliance needs with Microsoft Exchange. of companies send sensitive data via .

Solutions for Health Insurance Portability and Accountability Act (HIPAA) Compliance

TEMPLE UNIVERSITY POLICIES AND PROCEDURES MANUAL

White paper Reaping Business Value from a Hybrid Cloud Strategy

Cybersecurity Strategy

What You Need to Know About CLOUD INFORMATION PROTECTION SOLUTIONS

Choosing a Cloud Hosting Provider with Confidence

Seven Key Issues to Consider Before Selecting a Cloud Hosting Provider

In-House Vs. Hosted Security. 10 Reasons Why Your is More Secure in a Hosted Environment

AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE

IBM Data Security Services for endpoint data protection endpoint encryption solution

Cloud Security Implications for Financial Institutions By Scott Galyk Director of Software Development FIMAC Solutions, LLC

Accelerating Insurance Legacy Modernization

10 easy steps to secure your retail network

HIPAA: Understanding The Omnibus Rule and Keeping Your Business Compliant

The Challenge of Securing and Managing Data While Meeting Compliance

How To Protect Your Cloud From Attack

Cisco SAFE: A Security Reference Architecture

Teradata and Protegrity High-Value Protection for High-Value Data

Enterprise Data Protection

Data-Centric Security vs. Database-Level Security

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

WHITE PAPER. HIPAA-Compliant Data Backup and Disaster Recovery

custom hosting for how you do business

Why cloud backup? Top 10 reasons

Cloud Security Who do you trust?

Data Security and Privacy Principles for IBM SaaS How IBM Software as a Service is protected by IBM s security-driven culture

Enterprise Key Management: A Strategic Approach ENTERPRISE KEY MANAGEMENT A SRATEGIC APPROACH. White Paper February

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

Contents. BBS Software as a Service (SaaS),7. EH introducing aoudco.pu.ing 1. Distinguishing Cloud Types 4. Exploring

Data Privacy & Compliance in the Cloud

HIPAA DATA SECURITY & PRIVACY COMPLIANCE

Choosing a Cloud Hosting Provider with Confidence

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

Business Case for Voltage Secur Mobile Edition

Baltimore UniCERT. the world s leading PKI. global e security

Top Ten Technology Risks Facing Colleges and Universities

Document Quality Assurance Solutions

Atkins safeguards availability of client s geospatial systems with a CA AppLogic private cloud environment

How to ensure control and security when moving to SaaS/cloud applications

Cloud Contact Center. Security White Paper

IJRSET 2015 SPL Volume 2, Issue 11 Pages: 29-33

Cisco Cloud Security Interoperability with Microsoft Office 365

RSA Solution Brief RSA. Encryption and Key Management Suite. RSA Solution Brief

Cloud Computing: A Question of Trust Maintaining Control and Compliance with Data-centric Information Security

HIPAA/HITECH Compliance Using VMware vcloud Air

An Introduction to HIPAA and how it relates to docstar

Cloud Contact Center. Security White Paper

What Every User Needs To Know Before Moving To The Cloud. LawyerDoneDeal Corp.

NOS for IT User and Application Specialist. IT Security (ESKITU04) November 2014 V1.0

Cloud Services and Business Process Outsourcing

EXECUTIVE BRIEF SPON. File Synchronization and Sharing Market Forecast, Published May An Osterman Research Executive Brief

Securing the Microsoft Cloud

Cloud Computing: Risks and Auditing

WHY CLOUD BACKUP: TOP 10 REASONS

PCI DSS Top 10 Reports March 2011

Complying with PCI Data Security

For more information on how to build a HIPAA-compliant wireless network with Lutrum, please contact us today!

HIPAA Security Alert

anomaly, thus reported to our central servers.

Keep Your Data Secure in the Cloud Using encryption to ensure your online data is protected from compromise

Securing the Cloud Infrastructure

Enterprise Computing Solutions

AskAvanade: Answering the Burning Questions around Cloud Computing

ISSUE BRIEF. Cloud Security for Federal Agencies. Achieving greater efficiency and better security through federally certified cloud services

GLOBAL CLOUD DATA SECURITY REPORT Q1 2015: THE AUTHORITY ON HOW TO PROTECT DATA IN THE CLOUD

AHLA. JJ. Keeping Your Cloud Services Provider from Raining on Your Parade. Jean Hess Manager HORNE LLP Ridgeland, MS

The Workplace of the Future and Mobile Device Risk ISACA Pittsburgh. May 20 th, 2013

Hedge Funds & the Cloud: The Pros, Cons and Considerations

RSS Cloud Solution COMMON QUESTIONS

Protecting Your Data On The Network, Cloud And Virtual Servers

Solution White Paper Monetizing the Service Provider Cloud

Key Considerations of Regulatory Compliance in the Public Cloud

Total Cloud Protection

White Paper. Why Should You Archive Your With a Hosted Service?

What You Need to Know About Cloud Backup: Your Guide to Cost, Security, and Flexibility

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

Transcription:

THE PERSPECSYS KNOWLEDGE SERIES Solving Privacy, Residency and Security in the Cloud

Data Compliance and the Enterprise Cloud Computing is generating an incredible amount of excitement and interest from companies of every size, across every business category. It is the most transformative technology in decades and heralds an evolution in computing that has virtually every analyst group declaring that Cloud Computing is the new computing paradigm. In response to concerns about information access and usage, by both public and private corporations, Cloud Computing has spawned an entirely new body of law, generated new policies, created new standards, and raised new concerns. Whether government imposed regulations within a given jurisdiction like the Patriot Act, PIPEDA, or the EU Data Protection Directive, or industry-specific regulations such as Payment Card Industry (PCI) for retailers, HIPAA for healthcare information, or Sarbanes Oxley for enterprises, organizations must adhere to an ever-changing set of standards, laws, and guidelines in order to safeguard their company s private and business sensitive data and still comply with the law. So how can public and private sector companies leverage the enumerable and quantifiable benefits of the cloud, while maintaining total control over their corporation s private and business sensitive data? Enter the Cloud At the most basic level, the procurement of a cloud service is like any other purchase, firms must assess the operational risk and compliance implications as they do with any other application or service. Exposures that may be associated with a cloud service and which warrant particular attention include: Data privacy, restrictions on access to data (whether by the organization, industry, or government regulators) Data residency, where the data resides Compliance with privacy regulations across the geographies in which the service is being employed It is time to address the cloud s opportunities with respect to its challenges. More specifically, the challenges the cloud represents in terms of privacy, residency and security. The PerspecSys PRS solution is the only proven commercial solution that allows companies to run their business applications in the cloud and store their private and business-sensitive data behind their corporate firewall. The PerspecSys PRS solution is designed to assist those organizations that want to leverage cloud computing, but are constrained by compliance, regulatory, political, or policy requirements.

Cloud Adoption Challenges Organizations want to maintain control over their data for business, political, policy, legislative, competitive, and technical compliance reasons. While primarily driven by regulatory requirements with respect to data control, companies are also concerned about cloud application s ability to be mission critical. The PerspecSys PRS solution enables enterprise adoption by extending the cloud application s Privacy, Residency, and Security capabilities, providing support for disaster recovery planning, backup and recovery, access control, business continuity, and other characteristics that define an application as mission critical. The PRS solution can also address cloud adoption fears about vendor lock-in, meeting service-level agreements, losing control of underlying infrastructure, having the ability to selectively interoperate with multiple clouds, and integrate with current inhouse applications. Privacy In many cases, in order to comply with specific privacy requirements, business-sensitive information must be managed more stringently than non-sensitive data. As a result, some cloud adoption strategies involve keeping sensitive information within the enterprise (i.e. out of the cloud), and non-sensitive information can be stored in the cloud. Residency Where is the data? Who has access to it? Who controls it? Who manages it? What laws and jurisdiction govern it? In the current state of cloud computing law, keeping data behind the corporate firewall is the only strategy that can be said to guarantee which jurisdiction will govern it. Keeping private and sensitive data in the cloud exposes it to multiple jurisdictions for many years to come. Information Privacy and Security Most jurisdictions around the globe have adopted some form of information privacy regulations. Indeed, these regulations vary from location to location, making it very difficult to determine which location has jurisdiction over your data. High-end theft of corporate information for the purposes of identity theft have engendered regulatory compliance Security Since the organization is liable and culpable for any and all data breaches, which can result in very significant penalties, data security and risk analysis has been a part of any systems operations compliance policy for decades. Cloud computing requires an additional layer of security and engenders an additional layer of risk. Who can access your data? How can they access it? How do you maintain control over your business sensitive data?

requirements forcing organizations to manage private or personal information in a much more secure manner, or face the legal consequences. Most prevalent in the financial services, health care, and public sectors, organizations must adopt stringent business processes and procedures for the management of private and business sensitive information. Data Residency Going beyond information privacy and security, many jurisdictions have enacted specific legislation regarding the location and handling of specific pieces of information. For example: Many financial services institutions are required to have personal information (PI) always locally resident. Compliance requirements prohibit certain forms of information from leaving the jurisdiction altogether. Information cannot leave the enterprise or even the department, because information in transit is subject to the laws of multiple jurisdictions. Companies entrusted with healthcare, some public sector, and/or PI data are often required by law to store and manage data locally, and guarantee that no foreign national has access to the data. Laws governing data residency and privacy apply to all the operations on the data, including data backup, which often must be conducted within the enterprise, or at a minimum, within the governing jurisdiction or boundaries defined by the specific statute. In many instances, cloud vendors store data in one geography, but back up the data in another geography, breaking jurisdictional compliance requirements. With these data compliance requirements, Cloud adoption is often constrained, with some organizations opting to only use a limited subset of the functionality, while others forgo usage of cloudbased applications altogether. The PerspecSys PRS Solution The PerspecSys PRS solution is comprised of a series of software components that can be deployed with flexible configuration options to meet a wide range of requirements. PerspecSys PRS Server The core of any PerspecSys PRS solution is the PerspecSys PRS Server. The PerspecSys PRS Server provides the main privacy, residency, and security data management services. No programming is required the server is graphically installed and configured, designed to be run with very little management support. Cloud application-specific requirements are supported by installing and configuring application-specific adaptors.

PerspecSys PRS Reverse Proxy Server The PerspecSys PRS Reverse Proxy Server allows organizations with sophisticated internet access requirements to employ reverse proxy and proxy chain strategies for cloud application access. The PerspecSys PRS Reverse Proxy Server allows cloud application customers to further secure their cloud application access by mitigating risks normally associated with cloud security, including phishing attacks, unauthorized external access, and denial of service attacks. The PerspecSys PRS Reverse Proxy Server complements cloud application access and security configurations to ensure that only authorized users can access the cloud application from the enterprise. When coupled with the PerspecSys PRS Server, the PerspecSys PRS Reverse Proxy Server adds a powerful dimension to the security aspects of cloud data compliance. PerspecSys PRS MTA Server The PerspecSys PRS MTA Server is a Mail Transfer Agent that works in conjunction with a cloud application s email services. Cloud applications may allow users to directly email customers and contacts from within the application, using standard templates, marketing campaign services, and other emailrelated functionality. However, if the email address and associated contact information is considered sensitive, this functionality typically cannot be used if the sensitive contact information is not in the cloud application. The PerspecSys PRS MTA Server allows the cloud application to leverage PRS services from the PerspecSys PRS Server, thereby restoring the real email address and other sensitive information within the email, and then forwarding the email on to the corporate email server for delivery, while not exposing the sensitive email information to the cloud application. The PRS MTA Server has the added benefit of ensuring that email from your organization is routed through your own mail servers, leveraging the existing investment in corporate email security, handling polices, and support systems such as spam filtering and virus detection.

The PerspecSys PRS Solution at Work Privacy Sitting between the enterprise desktop browser and company s firewall, the PerspecSys PRS solution seamlessly intercepts the conversations between users and the cloud applications, replacing business sensitive data with replacement data in the cloud application. As defined by the organization, information that cannot, or should not, leave the enterprise or jurisdiction remains in a database behind the organization s firewall, while cloud application users experience virtually all of the functionality of the cloud application, regardless of where the data resides. The PerspecSys PRS solution is also capable of "encryption on the fly". Instead of storing and managing the information locally, information is encrypted before it is sent to the Cloud application, and decrypted on the return. The cloud application data itself, if accessed directly, would appear only as an encrypted list of values. In this way, if the PerspecSys PRS solution or the Cloud application is ever compromised, the attacker would not be able to piece together any usable information as it is not in any usable format. The key value of the PerspecSys PRS solution is the preservation of functionality, including searching, reporting, integration, customization, and other cloud application functionality required by the enterprise, even though the cloud application contains no sensitive data. Residency For Data Residency, the PerspecSys PRS solution is able to identify specific pieces of data, save them to a local database, and send randomly generated replacement values (tokens) to the Cloud application. The real data stays resident locally, governed by local statutes and operating under corporate policy. The

Cloud application operates with the replacement information. The key point is that there is no physical way that the real data can be derived from the token value. The PerspecSys PRS solution allows you to categorize cloud application data into four categories: 1. Tokens 2. Sortable Tokens 3. Encrypted Values 4. Clear Text Data, on a field-by-field basis, is protected by one of these obfuscation strategies. Users accessing the cloud application through the PerspecSys PRS solution can perform advanced searches (wildcards included) on the data, no matter how it was obfuscated. Security One optional component of the PerspecSys PRS solutions is the PerspecSys PRS Reverse Proxy Server. The PerspecSys PRS Reverse Proxy Server ensures that only authorized access to the cloud application occurs from the organization. When properly configured, the PerspecSys PRS Reverse Proxy Server creates a secure authentication link between your organization and the cloud. The PerspecSys PRS solution also extends the cloud application security model by making it finer grained. This includes, for example, restricting access to specific information based on the user s location. This ensures compliance with jurisdictional requirements, for example, Swiss bank laws where information should not leave a particular jurisdiction. The PerspecSys PRS solution can also extend access controls, such as Single Sign On (SSO), to be more flexible, especially in multijurisdictional implementations of the cloud application. Looking forward there is little doubt that cloud computing will play an increasingly important role for both public and private enterprises. Organizations that employ cloud platforms will benefit from the increased scalability, security, and portability of their cloud-based applications. Cloud applications will also help companies significantly reduce time-to-market, realize substantial cost-savings and react more quickly to changing market conditions. With these and other benefits, cloud computing is here to stay. If your organization really wants to leverage all the advantages that the cloud has to offer while addressing your privacy, residency, and security concerns, contact PerspecSys to find out how the PRS solution can work for you. Contact us today to learn more. P (905) 857-0411 E sales@perspecsys.com PerspecSys, the PerspecSys logo and the PerspecSys Information Server\PRS Server logo are trademarks or registered trademarks of PerspecSys Inc. in Canada, PerpecSys other countries Inc. 2012. or both. All Other rights company reserved. images, product, and service names, may be trademarks or service marks of others. References in this publication to PerspecSys products or services do not imply that PerspecSys intends to make them available in all countries in which PerspecSys operates.

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information