Paxata Security Overview




Paxata Security Overview
Ensuring your most trusted data remains secure

Nenshad Bardoliwalla
Co-Founder and Vice President of Products
nenshad@paxata.com

Table of Contents:

Introduction
Secure Data in the Application Lifecycle
Authentication
Upload and Download
Dataset Permissions
Robust and Flexible Permission Model
Pervasive Auditing
Data at Rest
Backup and Restore
Data Retention
Data Centers
Our Policies, Practices, and Procedures
People Policies
Corporate Infrastructure
Data Breach Practices
Software Development Processes
Summary
About Paxata

www.paxata.com

Introduction

Paxata's multi-tenant cloud native data preparation platform is used by some of the largest organizations in the world, and we work tirelessly to keep their continued trust. The best organizations know that effective security is not a bolted-on afterthought but rather an integral part of the fabric of both product development and daily operations and thus build security in from the ground up. Paxata invests significant resources in the security and reliability of our data centers, software, and our business operations. While there are hundreds of details behind each section, this paper summarizes the key personnel and technical practices, policies, and procedures that we follow continuously to ensure the security of your business data.

Secure Data in the Application Lifecycle

Authentication

Users must log in to their Paxata accounts before they can engage in any activity in the system, whether via our own user interface or through our APIs. Every service call made through the Paxata architecture requires user credentials in the form of a token, which makes the system immune to a number of vulnerabilities including spoofing.

Upload and Download

Once users have logged in, dataset upload or download can begin. We exchange all traffic between the outside world and our servers using 256-bit encryption via TLS 1.2. The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and RSA as the key exchange mechanism.

Dataset Permissions

Once your data has reached our servers after authentication and upload, it then becomes subject to our authorization and audit security within the platform itself.
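The cipher suite described under Upload and Download, examined component by component; this is an added example, not Paxata code. It assumes the description corresponds to the IANA suite name TLS_RSA_WITH_AES_256_CBC_SHA, which the paper does not state; the other two suite names are constructed for comparison.

```python
# Assumed IANA name for the AES_256_CBC / SHA1 / RSA combination in the paper.
PAPER_SUITE = "TLS_RSA_WITH_AES_256_CBC_SHA"
# Constructed comparison set of TLS 1.2 suite names.
SAMPLE_SUITES = [
    PAPER_SUITE,
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
]


def parse_suite(name):
    """Split a TLS 1.2 suite name (TLS_<kx>[_<auth>]_WITH_<cipher>_<hash>)."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError(f"not a TLS 1.2 style suite name: {name}")
    kx_auth, rest = name[4:].split("_WITH_", 1)
    kx, _, auth = kx_auth.partition("_")
    cipher, _, digest = rest.rpartition("_")
    if not (digest.startswith("SHA") or digest == "MD5"):
        raise ValueError(f"unsupported suite name layout: {name}")
    return {
        "key_exchange": kx,
        "authentication": auth or kx,  # TLS_RSA_* uses RSA for both roles
        "cipher": cipher,
        "aead": cipher.endswith("_GCM") or "POLY1305" in cipher,
        # For AEAD suites the trailing hash is the PRF hash, not a record MAC.
        "digest": "SHA1" if digest == "SHA" else digest,
    }


def audit_suite(name):
    """Return the points a reviewer would raise for one negotiated suite."""
    s = parse_suite(name)
    findings = []
    if s["key_exchange"] not in ("DHE", "ECDHE"):
        # Without an ephemeral exchange, a later compromise of the server's
        # long-term key exposes previously recorded sessions.
        findings.append(f"no forward secrecy: static {s['key_exchange']} key exchange")
    if not s["aead"]:
        findings.append(f"{s['cipher']} is not an AEAD cipher")
        if s["digest"] in ("SHA1", "MD5"):
            findings.append(f"record MAC is HMAC-{s['digest']}")
    return findings


if __name__ == "__main__":
    for suite in SAMPLE_SUITES:
        print(suite, "->", audit_suite(suite) or "no findings")
```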

Robust and Flexible Permission Model

Paxata provides a rich user, roles, and permissions model that is both robust and flexible. We provide out of the box definitions for four classes of users: Admins, Power Users, ReadWriteUsers, and ReadOnly Users. These roles contain specific permissions that allow for granular access to system capabilities, such as whether users can access/add/modify/delete users, roles, projects, sources, targets. The out of the box roles can be completely configured by the administrator. Administrators can set up roles for other users in their tenant with as restrictive a permission set as required, and changes are enforced immediately.

Pervasive Auditing

The Paxata solution's LiveHistory automatically logs every single operation any user does in the system, from modifying a single cell of data all the way to deleting datasets. The system also always records who the user was that did the operation and the exact time that the action was taken. While the application does allow users to revert to a previous version of a dataset (effectively undoing an action), even the rollback action itself is recorded in the system. All project modifications can also be searched for discovery, audit, and lineage purposes.

Data at Rest

Data that is stored on hard drives attached to Paxata servers is persisted in storage using 256-bit encryption. This means that, even with all the security precautions we take at our data centers and with our staff, if anyone unauthorized were to get ahold of Paxata's hard drives, they still would not be able to read your data. The encryption key itself is encrypted with a key encryption key that is stored securely and completely separately from the data. Only a small, select set of personnel who are trained in comprehensive security practices has access to the keys.

Backup and Restore

Paxata ensures that data is not lost due to device failure. Tenant's data is backed up at a minimum of once a day and can be restored rapidly in the event of an incident. Data that is stored in backup is protected by the same encryption techniques as data at rest on our machine hard drives.

Data Retention

Paxata datasets, when deleted, are removed from the system along with all associated metadata, indexes, etc. In exceptional circumstances, deleted data can be restored from backup for a limited time period.
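The key hierarchy described under Data at Rest and reused for backups, as an added example that is not Paxata's implementation. The paper states only 256-bit encryption and a separately stored key encryption key; AES-256-GCM for the data, RFC 3394 AES key wrap for the data key, the function names, and the constructed keys are assumptions, and the third-party Python `cryptography` package is required.

```python
import os

from cryptography.hazmat.primitives.ciphers.aead import AESGCM
from cryptography.hazmat.primitives.keywrap import (
    InvalidUnwrap, aes_key_unwrap, aes_key_wrap)

# Constructed 256-bit key encryption keys (KEKs). In a real deployment these
# live in a separate key store and never sit on the data disk.
KEK_V1 = bytes(range(32))
KEK_V2 = bytes(range(32, 64))


def encrypt_dataset(plaintext, kek):
    """Encrypt under a fresh data key; persist only the wrapped data key."""
    dek = AESGCM.generate_key(bit_length=256)
    nonce = os.urandom(12)
    return {
        "wrapped_dek": aes_key_wrap(kek, dek),  # data key encrypted by the KEK
        "nonce": nonce,
        "ciphertext": AESGCM(dek).encrypt(nonce, plaintext, None),
    }


def decrypt_dataset(record, kek):
    """Unwrap the data key with the KEK, then decrypt and authenticate."""
    dek = aes_key_unwrap(kek, record["wrapped_dek"])
    return AESGCM(dek).decrypt(record["nonce"], record["ciphertext"], None)


def rotate_kek(record, old_kek, new_kek):
    """Re-wrap the data key under a new KEK; the bulk ciphertext is untouched."""
    dek = aes_key_unwrap(old_kek, record["wrapped_dek"])
    return {**record, "wrapped_dek": aes_key_wrap(new_kek, dek)}


def disk_record_readable(record, candidate_kek):
    """Stolen-drive case: everything on disk is known, the real KEK is not."""
    try:
        decrypt_dataset(record, candidate_kek)
        return True
    except InvalidUnwrap:
        return False


if __name__ == "__main__":
    rec = encrypt_dataset(b"customer_id,balance\n42,1000\n", KEK_V1)
    print("readable with wrong KEK:", disk_record_readable(rec, KEK_V2))
    print("after rotation:", decrypt_dataset(rotate_kek(rec, KEK_V1, KEK_V2), KEK_V2))
```

Rotation touches only the 40-byte wrapped key, which is why the KEK can be replaced without re-encrypting stored datasets or backups.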

Data Centers

Paxata uses multiple data centers to host its platform and data, providing essential redundancy. All service providers where Paxata is hosted are audited and compliant with both SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II) as well as SOC 2, Type II.

Every service provider we use must publish a Service Organization Controls 1 (SOC 1), Type II report. The audit for this report is conducted in accordance with the Statement on Standards for Attestation Engagements No. 16 (SSAE 16) and the International Standards for Assurance Engagements No. 3402 (ISAE 3402). The SOC 1 report audit attests that our providers' control objectives are appropriately designed and that the controls safeguarding customer data are operating effectively.

In addition to the SOC 1 report, every service provider we use must publish a Service Organization Controls 2 (SOC 2), Type II report. The SOC 2 report is an attestation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations. The SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the criteria for the security principle set forth in the AICPA's Trust Services Principles criteria. This report provides additional transparency into our service providers' security based on a defined industry standard and further demonstrates their commitment to protecting customer data.

Our Policies, Practices, and Procedures

People Policies

We strongly believe sound security practices come from management focus and should be driven throughout the organization. Employees are trained on our security policies and procedures. We maintain comprehensive policies (over 200 in all) for:

- Corporate facility access
- Acceptable use
- Corporate passwords and production passwords
- Access privileges
- Incident response procedures
- Patch management
- Standards for hardened systems
- System configuration
- Change management

We have studied and learned from the industry best practices of leading cloud companies like Box and SalesForce and adhere to many of the controls prescribed in the Cloud Security Alliance Cloud Control Matrix.

Corporate Infrastructure

As a critical enabler of our business operations, Paxata also works to ensure the security of our corporate networks and files with:

- Network intrusion detection systems and host intrusion detection
- System, network, and application log reporting, analysis, archiving and retention
- Continuous internal monitoring

Data Breach Practices

- The Paxata Incident Response Team has a documented plan to handle security incidents
- If, despite all other protections in place, your data is accessed without authorization, we will notify you
- If personal information about you or your employees is breached from the Paxata system, Paxata will notify you in accordance with California Law (California Civil Code Section 1798.29 and Section 1798.82)

Software Development Processes

- Security is woven into the fabric of our software development process itself, from design to deployment
- QA is integrated into the development process. Changes in various stages of development are tested on a daily basis
- Our automated test framework includes both positive and negative testing, with end-to-end testing from authentication onward
- We use both application level and network security testing on an ongoing basis to ensure no new vulnerabilities are created

Summary

Modern multi-tenant cloud platforms must be designed for security from the ground up, and Paxata takes this very seriously. Our entire business centers on providing business analysts with the tools to create trustworthy, analytic-ready data, and the security of that data is a mission-critical priority for our company. This paper is a high-level overview of the security policies and practices in place to offer a safe way to import, explore, enrich, combine, and share your data. If at any time you have questions or require details about any of these, please contact us, and we'll be happy to answer them.

About Paxata

Paxata is the first Adaptive Data Preparation platform built for the business analyst. Now everyone has the ability to rapidly turn all raw data into ready data for analytics in minutes, not months, accelerating the time to right insights and action. Our customers, Pax Pros, now have the freedom to prepare data on their own or work with peers in a shared, transparent environment as they shape data for analytics. Paxata's seamless connection with BI tools like Tableau, Qlik and Excel gives business people total flexibility to use the visualization and discovery solutions they prefer to use.

Paxata is a cloud-based, self-service solution powered by breakthrough technologies including semantic algorithms, distributed computing techniques and a highly interactive visual experience. Paxata dramatically reduces the most painful and manual steps of any analytic exercise, empowering analysts at market-leading companies like Dannon, Box and UBS to drive greater value for the business. In partnership with Cloudera, Tableau and Qlik, Paxata unlocks even greater potential from Big Data and Business Intelligence investments.

Founded in January 2012, Paxata is headquartered in Redwood City, California. Visit www.paxata.com, follow @Paxata_News, connect on linkedin.com/company/paxata, follow us at www.facebook.com/paxata and watch us on www.youtube.com/paxatatv.

Paxata
811 Hamilton St. Suite 201
Redwood City CA 94063
Phone: 1-855-9-PAXATA or 650-542-7900
Email: info@paxata.com
Web: www.paxata.com

© 2014 Paxata, Inc. Paxata, the Paxata logo and the phrases IntelliFusion, LiveHistory and Adaptive Data Preparation are trademarks of Paxata, Inc. in the US and other countries.