Fully Managed Secure Data Sharing (a cloud service)

Similar documents

DISASTER RECOVERY WITH AWS

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

TalentLink Disaster Recovery & Service Continuity

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Active Directory Infrastructure Design Document

High availability on the Catalyst Cloud

Level I - Public. Technical Portfolio. Revised: July 2015

Our Hosting Infrastructure. An introduction to our Platform, Data Centres and Data Security.

State of Texas. TEX-AN Next Generation. NNI Plan

Hardware/Software Deployment Strategies. Introduction to Information System Components. Chapter 1 Part 4 of 4 CA M S Mehta, FCA

SaaS Security for the Confirmit CustomerSat Software

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM

by New Media Solutions 37 Walnut Street Wellesley, MA p f Avitage IT Infrastructure Security Document

Perceptive Software Platform Services

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security

Data Backup and Restore (DBR) Overview Detailed Description Pricing... 5 SLAs... 5 Service Matrix Service Description

White Paper. Prepared by: Neil Shah Director, Product Management March, 2014 Version: 1. Copyright 2014, ezdi, LLC.

Xerox Digital Alternatives Security and Evaluation Guide. May 2015 Version 1.1

Use of Exchange Mail and Diary Service Code of Practice

Backup Exec Private Cloud Services. Planning and Deployment Guide

What s in Installing and Configuring Windows Server 2012 (70-410):

<cloud> Secure Hosting Services

Security Policy JUNE 1, SalesNOW. Security Policy v v

Frankfurt Data Centre Overview

HealthcareBookings.com Security Set Up

Storage Guardian Remote Backup Restore and Archive Services

custom hosting for how you do business

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

ProjectManager.com Security White Paper

Autodesk PLM 360 Security Whitepaper

North Street Global, LLC. Business Continuity Plan

REMOTE ASSISTANCE SOLUTIONS Private Server

How To Use Quantum Rbs Inc. Small Business Backup

Data Centre Service Level Agreement

Time to Value: Successful Cloud Software Implementation

MCSA: Windows Server 2012 Boot Camp

DISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0

GTS Software Remote Desktop Services

Symantec PGP Whole Disk Encryption Hands-On Lab V 3.7

System Security. Your data security is always our top priority

Colocation Service Level Agreement

Our Cloud Offers You a Brighter Future

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Small Business IT Risk Assessment

ULH-IM&T-ISP06. Information Governance Board

Understanding Sage CRM Cloud

Cloud Computing. Benefits and Risks. Bill Wells, CISSP, CISM, CISA, CRISC, CIPP/IT

Configuring Advanced Windows Server 2012 Services Course 20412

Disaster Recovery Design Ehab Ashary University of Colorado at Colorado Springs

Security from a customer s perspective. Halogen s approach to security

Cloud Management. Overview. Cloud Managed Networks

McAfee Endpoint Encryption Hot Backup Implementation

How To Secure Your Data Center From Hackers

CloudDesk - Security in the Cloud INFORMATION

penelope athena software SOFTWARE AS A SERVICE INFORMATION PACKAGE case management software

Recommended IP Telephony Architecture

UCS Level 2 Report Issued to

DATA CENTRE DATA CENTRE MAY 2015

Itron Cloud Services Offering

Frequently Asked Questions

CompTIA Cloud+ 9318; 5 Days, Instructor-led

FormFire Application and IT Security. White Paper

StratusLIVE for Fundraisers Cloud Operations

Deployment Topologies

CompTIA Cloud+ Course Content. Length: 5 Days. Who Should Attend:

University of California, Riverside Computing and Communications. IS3 Local Campus Overview Departmental Planning Template

ensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster

PAAS Public Sector Managed Services

ACME Enterprises IT Infrastructure Assessment

TECHNICAL AND ORGANIZATIONAL DATA SECURITY MEASURES

SECURITY DOCUMENT. BetterTranslationTechnology

Document Details. 247Time Backup & Disaster Recovery Plan. Author: Document Tracking. Page 1 of 12

Things You Need to Know About Cloud Backup

CONTENTS. Security Policy

How To Use Egnyte

OVERVIEW OF TYPICAL WINDOWS SERVER ROLES

High Availability of VistA EHR in Cloud. ViSolve Inc. White Paper February

IT SERVICE MANAGEMENT FAQ

Security Whitepaper: ivvy Products

DATA CENTRE DATA CENTRE

CDK Cloud Hosting HSP (Hardware Service Provision) For your Dealer Management System (DMS)

M4 Systems. M4 Online Backup. M4 Systems Ltd Tel: International: +44 (0)

SNAP WEBHOST SECURITY POLICY

סילבוס -MCITP מנהלי רשתות

Service Overview CloudCare Online Backup

Enterprise level security, the Huddle way.

GiftWrap 4.0 Security FAQ

Administering the Web Server (IIS) Role of Windows Server

Diagram Cloud Computing

Client Security Risk Assessment Questionnaire

Cloud Storage and Backup

SHARPCLOUD SECURITY STATEMENT

Transcription:

Protect your critical infrastructure, information & interactions Fully Managed Secure Data Sharing (a cloud service) working on behalf of

What is Fully Managed Secure Data Share - FMSDS?

Core Technology

FMSDS Enrolment Key Management Policy Admin User ID Obfuscation Reporting Gradian Secure Cloud Administrator

FMSDS Using Symantec-PGP technology, we provide a fully secure, cloud based, managed solution for protecting data stored in and shared through the cloud This eliminates the requirement for onsite management server infrastructure and support. IT Management overhead is dramatically reduced. All access requests are managed securely from the cloud.

What s Different from On-site Protected, proprietary technology and processes, provide fully secure: Enrolment Key management Policy Reporting. from the cloud

Key Safeguard Features Data leaves your network encrypted Admin only manages: User ID obfuscation (initial set up) Policy Key revocation schedule Gradian never has access to: Data User IDs Delivered from secure, scalable, SLA controlled environment

Service Level Agreement Availability: Enrolment 99.5% New users 99.9% Reports 99.5% Enrolment Interface Response time < 7 seconds Backup Keys 99.9%

Consultancy Services Architectural design Audits, Health Checks, Reviews Deployment Project Management Training Examples : Integration with existing Symantec-PGP User awareness and education training SOW Creation and Delivery

Thank You. Protect your critical infrastructure, information & interactions

Back Up Slides Architecture and processes

Architecture A redundant architecture configured in a matrix networking model External interfaces are firewalled to only the Symantec Server Internal Admin interface is firewall restricted to the services published through the Web Admin Consoles

Data Centre Specifications Diverse fibre from Virgin and BT Fully meshed BGP multi-gigabit network High-end Cisco stacked routers and switches Under-floor Denco air-conditioning system Fully redundant Riello UPS system Volvo diesel backup generator VESDA smoke detection FM200 fire suppression system Secure locked server racks CCTV and access control throughout

Disaster Recovery Local site failover Manual DNS change to enable the PGP Slave server to process requests All other services are automatically configured for automatic failover Offsite data replication for backup The PGP database is backed up and encrypted before being transferred offsite for secure storage Support team have a dedicated console to monitor the health of the system components 24x7 Heartbeats and dummy requests to test the performance and availability 4 hour Total time to Recover In the event of a data centre loss

Data Security All systems are firewalled Secure Physical Site Access Control Internal Administration requires 2 factor authentication All application requests are logged and audited Change control process requires secondary level authentication before certain changes can be made User Data is obfuscated from Gradian

FMSDS Design Principles Deliver a secure, reliable fault tolerant Symantec Secure Data Share solution as a fully managed, cloud delivered service Critical Processes Enrolment Encryption Key backup Business Processes Policy Reporting

UserID obfuscation Gradian generate unique UserIDs when a customer places an order These UserIDs are also provided with default passwords This UserID and Password must be used to perform the enrolment, the password can be changed after the initial enrolment The customer is responsible for maintaining knowledge of which UserID was provided to which actual end user for folder access This eliminates the risk of a security compromise at Gradian

Customer Security Process When a customer is added to the service they are required to provide 2 authorised administrative contacts Contact details include email, office phone, & mobile phone A unique Access Credential is provided to each of the administrative contacts via secure email. A customer that requests support or key retrieval must be validated in the following way One of the administrative contacts must be the initiator of the request. Gradian will take the initial call and then call the contact back on one of the numbers that were specified during customer enrolment The administrative contact must provide the Access Credential to the Gradian Support operative along with the Gradian issued UserID that they require support/key retrieval for. The support request will be handled by Gradian s MSP support staff Customers must inform Gradian of any change in authorised administrative contacts

Thank You. Protect your critical infrastructure, information & interactions