SlideShare une entreprise Scribd logo

Perspec sys knowledge_series__solving_privacy_residency_and_security

Accenture
Accenture
1  sur  7
Télécharger pour lire hors ligne
THE PERSPECSYS KNOWLEDGE SERIES Solving Privacy, Residency and Security in the Cloud PerpecSys Inc. ©2012. All rights reserved.
Data Compliance and the Enterprise Cloud Computing is generating an incredible amount of excitement and interest from companies of every size, across every business category. It is the most transformative technology in decades and heralds an evolution in computing that has virtually every analyst group declaring that Cloud Computing is the new computing paradigm. In response to concerns about information access and usage, by both public and private corporations, Cloud Computing has spawned an entirely new body of law, generated new policies, created new standards, and raised new concerns. Whether government imposed regulations within a given jurisdiction like the Patriot Act, PIPEDA, or the EU Data Protection Directive, or industry-specific regulations such as Payment Card Industry (PCI) for retailers, HIPAA for healthcare information, or Sarbanes Oxley for enterprises, organizations must adhere to an ever-changing set of standards, laws, and guidelines in order to safeguard their company’s private and business sensitive data and still comply with the law. So how can public and private sector companies leverage the enumerable and quantifiable benefits of the cloud, while maintaining total control over their corporation’s private and business sensitive data? Enter the Cloud At the most basic level, the procurement of a cloud service is like any other purchase, firms must assess the operational risk and compliance implications as they do with any other application or service. Exposures that may be associated with a cloud service and which warrant particular attention include:  Data privacy, restrictions on access to data (whether by the organization, industry, or government regulators)  Data residency, where the data resides  Compliance with privacy regulations across the geographies in which the service is being employed It is time to address the cloud’s opportunities with respect to its challenges. More specifically, the challenges the cloud represents in terms of privacy, residency and security. The PerspecSys PRS solution is the only proven commercial solution that allows companies to run their business applications in the cloud and store their private and business-sensitive data behind their corporate firewall. The PerspecSys PRS solution is designed to assist those organizations that want to leverage cloud computing, but are constrained by compliance, regulatory, political, or policy requirements. PerpecSys Inc. ©2012. All rights reserved.
Cloud Adoption Challenges Organizations want to maintain control over their data for business, political, Privacy policy, legislative, competitive, and technical compliance reasons. In many cases, in order to comply with specific privacy requirements, business-sensitive information must be While primarily driven by regulatory managed more stringently than non-sensitive data. As a requirements with respect to data result, some cloud adoption strategies involve keeping control, companies are also concerned sensitive information within the enterprise (i.e. out of about cloud application’s ability to be the cloud), and non-sensitive information can be stored mission critical. The PerspecSys PRS in the cloud. solution enables enterprise adoption by extending the cloud application’s Privacy, Residency, and Security capabilities, providing support for disaster recovery planning, backup and Residency recovery, access control, business Where is the data? Who has access to it? Who controls continuity, and other characteristics it? Who manages it? What laws and jurisdiction govern that define an application as mission it? In the current state of cloud computing law, keeping critical. The PRS solution can also data behind the corporate firewall is the only strategy address cloud adoption fears about that can be said to guarantee which jurisdiction will vendor lock-in, meeting service-level govern it. Keeping private and sensitive data in the agreements, losing control of underlying cloud exposes it to multiple jurisdictions for many years infrastructure, having the ability to to come. selectively interoperate with multiple clouds, and integrate with current in- house applications. Information Privacy and Security Security Since the organization is liable and culpable for any Most jurisdictions around the globe and all data breaches, which can result in very have adopted some form of information significant penalties, data security and risk analysis has privacy regulations. Indeed, these been a part of any systems operations compliance regulations vary from location to policy for decades. Cloud computing requires an location, making it very difficult to additional layer of security and engenders an determine which location has additional layer of risk. Who can access your data? jurisdiction over your data. High-end How can they access it? How do you maintain control theft of corporate information for the over your business sensitive data? purposes of identity theft have engendered regulatory compliance PerpecSys Inc. ©2012. All rights reserved.
requirements forcing organizations to manage ’private or personal’ information in a much more secure manner, or face the legal consequences. Most prevalent in the financial services, health care, and public sectors, organizations must adopt stringent business processes and procedures for the management of private and business sensitive information. Data Residency Going beyond information privacy and security, many jurisdictions have enacted specific legislation regarding the location and handling of specific pieces of information. For example:  Many financial services institutions are required to have personal information (PI) always locally resident.  Compliance requirements prohibit certain forms of information from leaving the jurisdiction altogether.  Information cannot leave the enterprise or even the department, because information in transit is subject to the laws of multiple jurisdictions.  Companies entrusted with healthcare, some public sector, and/or PI data are often required by law to store and manage data locally, and guarantee that no foreign national has access to the data.  Laws governing data residency and privacy apply to all the operations on the data, including data backup, which often must be conducted within the enterprise, or at a minimum, within the governing jurisdiction or boundaries defined by the specific statute. In many instances, cloud vendors store data in one geography, but back up the data in another geography, breaking jurisdictional compliance requirements. With these data compliance requirements, Cloud adoption is often constrained, with some organizations opting to only use a limited subset of the functionality, while others forgo usage of cloud- based applications altogether. The PerspecSys PRS Solution The PerspecSys PRS solution is comprised of a series of software components that can be deployed with flexible configuration options to meet a wide range of requirements. PerspecSys PRS Server The core of any PerspecSys PRS solution is the PerspecSys PRS Server. The PerspecSys PRS Server provides the main privacy, residency, and security data management services. No programming is required—the server is graphically installed and configured, designed to be run with very little management support. Cloud application-specific requirements are supported by installing and configuring application-specific adaptors. PerpecSys Inc. ©2012. All rights reserved.
PerspecSys PRS Reverse Proxy Server The PerspecSys PRS Reverse Proxy Server allows organizations with sophisticated internet access requirements to employ reverse proxy and proxy chain strategies for cloud application access. The PerspecSys PRS Reverse Proxy Server allows cloud application customers to further secure their cloud application access by mitigating risks normally associated with cloud security, including phishing attacks, unauthorized external access, and denial of service attacks. The PerspecSys PRS Reverse Proxy Server complements cloud application access and security configurations to ensure that only authorized users can access the cloud application from the enterprise. When coupled with the PerspecSys PRS Server, the PerspecSys PRS Reverse Proxy Server adds a powerful dimension to the security aspects of cloud data compliance. PerspecSys PRS MTA Server The PerspecSys PRS MTA Server is a Mail Transfer Agent that works in conjunction with a cloud application’s email services. Cloud applications may allow users to directly email customers and contacts from within the application, using standard templates, marketing campaign services, and other email- related functionality. However, if the email address and associated contact information is considered sensitive, this functionality typically cannot be used if the sensitive contact information is not in the cloud application. The PerspecSys PRS MTA Server allows the cloud application to leverage PRS services from the PerspecSys PRS Server, thereby restoring the real email address and other sensitive information within the email, and then forwarding the email on to the corporate email server for delivery, while not exposing the sensitive email information to the cloud application. The PRS MTA Server has the added benefit of ensuring that email from your organization is routed through your own mail servers, leveraging the existing investment in corporate email security, handling polices, and support systems such as spam filtering and virus detection. PerpecSys Inc. ©2012. All rights reserved.
The PerspecSys PRS Solution at Work Privacy Sitting between the enterprise desktop browser and company’s firewall, the PerspecSys PRS solution seamlessly intercepts the conversations between users and the cloud applications, replacing business sensitive data with replacement data in the cloud application. As defined by the organization, information that cannot, or should not, leave the enterprise or jurisdiction remains in a database behind the organization’s firewall, while cloud application users experience virtually all of the functionality of the cloud application, regardless of where the data resides. The PerspecSys PRS solution is also capable of "encryption on the fly". Instead of storing and managing the information locally, information is encrypted before it is sent to the Cloud application, and decrypted on the return. The cloud application data itself, if accessed directly, would appear only as an encrypted list of values. In this way, if the PerspecSys PRS solution or the Cloud application is ever compromised, the attacker would not be able to piece together any usable information as it is not in any usable format. The key value of the PerspecSys PRS solution is the preservation of functionality, including searching, reporting, integration, customization, and other cloud application functionality required by the enterprise, even though the cloud application contains no sensitive data. Residency For Data Residency, the PerspecSys PRS solution is able to identify specific pieces of data, save them to a local database, and send randomly generated replacement values (tokens) to the Cloud application. The real data stays resident locally, governed by local statutes and operating under corporate policy. The PerpecSys Inc. ©2012. All rights reserved.
Cloud application operates with the replacement information. The key point is that there is no physical way that the real data can be derived from the token value. The PerspecSys PRS solution allows you to categorize cloud application data into four categories: 1. Tokens 2. Sortable Tokens 3. Encrypted Values 4. Clear Text Data, on a field-by-field basis, is protected by one of these obfuscation strategies. Users accessing the cloud application through the PerspecSys PRS solution can perform advanced searches (wildcards included) on the data, no matter how it was obfuscated. Security One optional component of the PerspecSys PRS solutions is the PerspecSys PRS Reverse Proxy Server. The PerspecSys PRS Reverse Proxy Server ensures that only authorized access to the cloud application occurs from the organization. When properly configured, the PerspecSys PRS Reverse Proxy Server creates a secure authentication link between your organization and the cloud. The PerspecSys PRS solution also extends the cloud application security model by making it finer grained. This includes, for example, restricting access to specific information based on the user’s Looking forward there is little doubt that cloud computing location. This ensures compliance with will play an increasingly important role for both public and jurisdictional requirements, for private enterprises. Organizations that employ cloud example, Swiss bank laws where platforms will benefit from the increased scalability, information should not leave a security, and portability of their cloud-based applications. particular jurisdiction. The PerspecSys Cloud applications will also help companies significantly PRS solution can also extend access reduce time-to-market, realize substantial cost-savings and controls, such as Single Sign On (SSO), react more quickly to changing market conditions. With to be more flexible, especially in multi- these and other benefits, cloud computing is here to stay. jurisdictional implementations of the If your organization really wants to leverage all the cloud application. advantages that the cloud has to offer while addressing your privacy, residency, and security concerns, contact PerspecSys to find out how the PRS solution can work for you. Contact us today to learn more. P (905) 857-0411 E sales@perspecsys.com PerspecSys, the PerspecSys logo and the PerspecSys Information ServerPRS Server™ logo are trademarks or registered trademarks of PerspecSys Inc. in Canada, other countries or both. All rights reserved. product, and service names, may be trademarks or service marks of others. References in this PerpecSys Inc. ©2012. Other company images, publication to PerspecSys products or services do not imply that PerspecSys intends to make them available in all countries in which PerspecSys operates.

Recommandé

Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issuesISPABelgium
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFETECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFEJames Wier
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykEryk Budi Pratama
 
Global Security Certification for Governments
Global Security Certification for GovernmentsGlobal Security Certification for Governments
Global Security Certification for GovernmentsCloudMask inc.
 
Opteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix LLC
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 

Recommandé

Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0Legal And Regulatory Issues Cloud Computing...V2.0
Legal And Regulatory Issues Cloud Computing...V2.0David Spinks
 
Cloud Computing: legal issues
Cloud Computing: legal issuesCloud Computing: legal issues
Cloud Computing: legal issuesISPABelgium
 
Law firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskLaw firms keep sensitive client data secure with CloudMask
Law firms keep sensitive client data secure with CloudMaskCloudMask inc.
 
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFETECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFE
TECHNOLOGY 101 AND THE PRACTICE OF LAW: KEEPING YOUR FIRM SAFEJames Wier
 
Cyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykCyber Resilience - Welcoming New Normal - Eryk
Cyber Resilience - Welcoming New Normal - ErykEryk Budi Pratama
 
Global Security Certification for Governments
Global Security Certification for GovernmentsGlobal Security Certification for Governments
Global Security Certification for GovernmentsCloudMask inc.
 
Opteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix_whitepaper_Data Masking Strategy.pdf
Opteamix_whitepaper_Data Masking Strategy.pdfOpteamix LLC
 
The Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarThe Rise of Data Ethics and Security - AIDI Webinar
The Rise of Data Ethics and Security - AIDI WebinarEryk Budi Pratama
 
Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-clouddrewz lin
 
cloud-security
cloud-securitycloud-security
cloud-securityAsun Sada
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
Securing_Medical_Imaging_in_the_Cloud_Whitepaper
Securing_Medical_Imaging_in_the_Cloud_WhitepaperSecuring_Medical_Imaging_in_the_Cloud_Whitepaper
Securing_Medical_Imaging_in_the_Cloud_Whitepaperlaurenstill
 
OWASP Cloud Top 10
OWASP Cloud Top 10OWASP Cloud Top 10
OWASP Cloud Top 10Ludovic Petit
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help Niklas Hjorthen
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110guestd7fc9c
 
Curb to core White Paper
Curb to core White PaperCurb to core White Paper
Curb to core White PaperRyan Hadden
 
Is There Sun Behind Those Clouds
Is There Sun Behind Those CloudsIs There Sun Behind Those Clouds
Is There Sun Behind Those CloudsJanine Anthony Bowen, Esq.
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe
 
Managing Information Asset Register
Managing Information Asset RegisterManaging Information Asset Register
Managing Information Asset RegisterBen Omoakin Oguntala, developingafrica(dot)net
 
Understanding Minimizing And Mitigating Risk In Cloud Computing
Understanding Minimizing And Mitigating Risk In Cloud ComputingUnderstanding Minimizing And Mitigating Risk In Cloud Computing
Understanding Minimizing And Mitigating Risk In Cloud ComputingJanine Anthony Bowen, Esq.
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
 
Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Erik Ginalick
 
Contracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy BortzContracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy Bortzitnewsafrica
 
Cloud Security
Cloud Security Cloud Security
Cloud Security Hi-Tech College
 
Data Without Borders
Data Without BordersData Without Borders
Data Without BordersNair and Co.
 
Storage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataStorage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataHybrid Cloud
 
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTIONPerspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTIONSalesforce Deutschland
 
The History of Security
The History of Security The History of Security
The History of Security PerspecSys
 

Contenu connexe

Tendances

Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-clouddrewz lin
 
cloud-security
cloud-securitycloud-security
cloud-securityAsun Sada
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkIOSR Journals
 
Securing_Medical_Imaging_in_the_Cloud_Whitepaper
Securing_Medical_Imaging_in_the_Cloud_WhitepaperSecuring_Medical_Imaging_in_the_Cloud_Whitepaper
Securing_Medical_Imaging_in_the_Cloud_Whitepaperlaurenstill
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law Owako Rodah
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help Niklas Hjorthen
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDEryk Budi Pratama
 
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110guestd7fc9c
 
Curb to core White Paper
Curb to core White PaperCurb to core White Paper
Curb to core White PaperRyan Hadden
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe
 
Understanding Minimizing And Mitigating Risk In Cloud Computing
Understanding Minimizing And Mitigating Risk In Cloud ComputingUnderstanding Minimizing And Mitigating Risk In Cloud Computing
Understanding Minimizing And Mitigating Risk In Cloud ComputingJanine Anthony Bowen, Esq.
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
 
Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Erik Ginalick
 
Contracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy BortzContracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy Bortzitnewsafrica
 
Data Without Borders
Data Without BordersData Without Borders
Data Without BordersNair and Co.
 
Storage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataStorage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataHybrid Cloud
 

Tendances (20)

Asset 1 security-in-the-cloud
Asset 1 security-in-the-cloudAsset 1 security-in-the-cloud
Asset 1 security-in-the-cloud
 
cloud-security
cloud-securitycloud-security
cloud-security
 
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure FrameworkSecurity and Privacy Issues of Cloud Computing; Solutions and Secure Framework
Security and Privacy Issues of Cloud Computing; Solutions and Secure Framework
 
Securing_Medical_Imaging_in_the_Cloud_Whitepaper
Securing_Medical_Imaging_in_the_Cloud_WhitepaperSecuring_Medical_Imaging_in_the_Cloud_Whitepaper
Securing_Medical_Imaging_in_the_Cloud_Whitepaper
 
OWASP Cloud Top 10
OWASP Cloud Top 10OWASP Cloud Top 10
OWASP Cloud Top 10
 
The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law The Summary Guide to Compliance with the Kenya Data Protection Law
The Summary Guide to Compliance with the Kenya Data Protection Law
 
The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help The EU General Protection Regulation and how Oracle can help
The EU General Protection Regulation and how Oracle can help
 
The Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA IDThe Art of Cloud Auditing - ISACA ID
The Art of Cloud Auditing - ISACA ID
 
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
C:\Fakepath\Cloud Computing Mitigating Risk Fmb 0110
 
Curb to core White Paper
Curb to core White PaperCurb to core White Paper
Curb to core White Paper
 
Is There Sun Behind Those Clouds
Is There Sun Behind Those CloudsIs There Sun Behind Those Clouds
Is There Sun Behind Those Clouds
 
TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0TRUSTe Online Security Guidelines v2.0
TRUSTe Online Security Guidelines v2.0
 
Managing Information Asset Register
Managing Information Asset RegisterManaging Information Asset Register
Managing Information Asset Register
 
Understanding Minimizing And Mitigating Risk In Cloud Computing
Understanding Minimizing And Mitigating Risk In Cloud ComputingUnderstanding Minimizing And Mitigating Risk In Cloud Computing
Understanding Minimizing And Mitigating Risk In Cloud Computing
 
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - ErykData Loss Prevention (DLP) - Fundamental Concept - Eryk
Data Loss Prevention (DLP) - Fundamental Concept - Eryk
 
Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991Managed Security For A Not So Secure World Wp090991
Managed Security For A Not So Secure World Wp090991
 
Contracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy BortzContracting in the Cloud by Tammy Bortz
Contracting in the Cloud by Tammy Bortz
 
Cloud Security
Cloud Security Cloud Security
Cloud Security
 
Data Without Borders
Data Without BordersData Without Borders
Data Without Borders
 
Storage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented dataStorage Made Easy solution to fragmented data
Storage Made Easy solution to fragmented data
 

En vedette

Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTIONPerspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTIONSalesforce Deutschland
 
The History of Security
The History of Security The History of Security
The History of Security PerspecSys
 
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...Mark Silverberg
 
CipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: TokenizationCipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: TokenizationCipherCloud
 
CipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud
 

En vedette (7)

Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTIONPerspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
Perspecsys - TOKENISATION FOR CLOUD DATA PROTECTION
 
The History of Security
The History of Security The History of Security
The History of Security
 
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
Cloud Encryption Gateways (how enterprises can leverage cloud SaaS without co...
 
CipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: TokenizationCipherCloud Technology Overview: Tokenization
CipherCloud Technology Overview: Tokenization
 
CipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: EncryptionCipherCloud Technology Overview: Encryption
CipherCloud Technology Overview: Encryption
 
CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101CipherCloud Webinar - Cloud Encryption & Tokenization 101
CipherCloud Webinar - Cloud Encryption & Tokenization 101
 
Cloud security ppt
Cloud security pptCloud security ppt
Cloud security ppt
 

Similaire à Perspec sys knowledge_series__solving_privacy_residency_and_security

Data Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfData Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfCiente
 
10 Tips for CIOs - Data Security in the Cloud
10 Tips for CIOs - Data Security in the Cloud10 Tips for CIOs - Data Security in the Cloud
10 Tips for CIOs - Data Security in the CloudPeak 10
 
Cloud computing
Cloud computingCloud computing
Cloud computingHira Zahan
 
Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfmanoharparakh
 
10 Tips for CIOS Data Security in the Cloud
10 Tips for CIOS Data Security in the Cloud10 Tips for CIOS Data Security in the Cloud
10 Tips for CIOS Data Security in the CloudIron Mountain
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industryCloudMask inc.
 
Cutting To The Chase: Cloud From A Customers Perspective
Cutting To The Chase: Cloud From A Customers PerspectiveCutting To The Chase: Cloud From A Customers Perspective
Cutting To The Chase: Cloud From A Customers PerspectiveJanine Anthony Bowen, Esq.
 
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...Manish Sahani
 
Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Khiro Mishra
 
Cloud Computing - A future prerogative
Cloud Computing - A future prerogativeCloud Computing - A future prerogative
Cloud Computing - A future prerogativeWayne Poggenpoel
 
Five cloud security tips
Five cloud security tipsFive cloud security tips
Five cloud security tipsServiceMesh
 
Symantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageCitrix
 
Cloud Types and Security- Which one is right for you?
Cloud Types and Security- Which one is right for you?Cloud Types and Security- Which one is right for you?
Cloud Types and Security- Which one is right for you?Fuji Xerox Asia Pacific
 

Similaire à Perspec sys knowledge_series__solving_privacy_residency_and_security (20)

Data Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdfData Privacy And Security Issues In Cloud Computing.pdf
Data Privacy And Security Issues In Cloud Computing.pdf
 
10 Tips for CIOs - Data Security in the Cloud
10 Tips for CIOs - Data Security in the Cloud10 Tips for CIOs - Data Security in the Cloud
10 Tips for CIOs - Data Security in the Cloud
 
Cloud computing
Cloud computingCloud computing
Cloud computing
 
Encrypt-Everything-eB.pdf
Encrypt-Everything-eB.pdfEncrypt-Everything-eB.pdf
Encrypt-Everything-eB.pdf
 
Hybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdfHybrid & Multi-cloud Environment.pdf
Hybrid & Multi-cloud Environment.pdf
 
10 Tips for CIOS Data Security in the Cloud
10 Tips for CIOS Data Security in the Cloud10 Tips for CIOS Data Security in the Cloud
10 Tips for CIOS Data Security in the Cloud
 
Securing sensitive data for the health care industry
Securing sensitive data for the health care industrySecuring sensitive data for the health care industry
Securing sensitive data for the health care industry
 
Cutting To The Chase: Cloud From A Customers Perspective
Cutting To The Chase: Cloud From A Customers PerspectiveCutting To The Chase: Cloud From A Customers Perspective
Cutting To The Chase: Cloud From A Customers Perspective
 
Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...Research Report on Preserving Data Confidentiality & Data Integrity in ...
Research Report on Preserving Data Confidentiality & Data Integrity in ...
 
4.5.cloud security
4.5.cloud security4.5.cloud security
4.5.cloud security
 
Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)Cloud Security POV_Final (by KM)
Cloud Security POV_Final (by KM)
 
1784 1788
1784 17881784 1788
1784 1788
 
1784 1788
1784 17881784 1788
1784 1788
 
Cloud Computing - A future prerogative
Cloud Computing - A future prerogativeCloud Computing - A future prerogative
Cloud Computing - A future prerogative
 
Data Sovereignty and the Cloud
Data Sovereignty and the CloudData Sovereignty and the Cloud
Data Sovereignty and the Cloud
 
Five cloud security tips
Five cloud security tipsFive cloud security tips
Five cloud security tips
 
Cloud
CloudCloud
Cloud
 
Symantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR ComplianceSymantec Webinar Part 2 of 6 GDPR Compliance
Symantec Webinar Part 2 of 6 GDPR Compliance
 
Manage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usageManage risk by protecting apps, data and usage
Manage risk by protecting apps, data and usage
 
Cloud Types and Security- Which one is right for you?
Cloud Types and Security- Which one is right for you?Cloud Types and Security- Which one is right for you?
Cloud Types and Security- Which one is right for you?
 

Plus de Accenture

Certify 2014trends-report
Certify 2014trends-reportCertify 2014trends-report
Certify 2014trends-reportAccenture
 
Calabrio analyze
Calabrio analyzeCalabrio analyze
Calabrio analyzeAccenture
 
Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Accenture
 
Perf stat windows
Perf stat windowsPerf stat windows
Perf stat windowsAccenture
 
Performance problems on ethernet networks when the e0m management interface i...
Performance problems on ethernet networks when the e0m management interface i...Performance problems on ethernet networks when the e0m management interface i...
Performance problems on ethernet networks when the e0m management interface i...Accenture
 
NetApp system installation workbook Spokane
NetApp system installation workbook SpokaneNetApp system installation workbook Spokane
NetApp system installation workbook SpokaneAccenture
 
Migrate volume in akfiler7
Migrate volume in akfiler7Migrate volume in akfiler7
Migrate volume in akfiler7Accenture
 
Migrate vol in akfiler7
Migrate vol in akfiler7Migrate vol in akfiler7
Migrate vol in akfiler7Accenture
 
Data storage requirements AK
Data storage requirements AKData storage requirements AK
Data storage requirements AKAccenture
 
C mode class
C mode classC mode class
C mode classAccenture
 
Akfiler upgrades providence july 2012
Akfiler upgrades providence july 2012Akfiler upgrades providence july 2012
Akfiler upgrades providence july 2012Accenture
 
Reporting demo
Reporting demoReporting demo
Reporting demoAccenture
 
Net app virtualization preso
Net app virtualization presoNet app virtualization preso
Net app virtualization presoAccenture
 
Providence net app upgrade plan PPMC
Providence net app upgrade plan PPMCProvidence net app upgrade plan PPMC
Providence net app upgrade plan PPMCAccenture
 
WSC Net App storage for windows challenges and solutions
WSC Net App storage for windows challenges and solutionsWSC Net App storage for windows challenges and solutions
WSC Net App storage for windows challenges and solutionsAccenture
 
50,000-seat_VMware_view_deployment
50,000-seat_VMware_view_deployment50,000-seat_VMware_view_deployment
50,000-seat_VMware_view_deploymentAccenture
 
Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...
Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...
Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...Accenture
 
Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11
Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11
Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11Accenture
 
Snap mirror source to tape to destination scenario
Snap mirror source to tape to destination scenarioSnap mirror source to tape to destination scenario
Snap mirror source to tape to destination scenarioAccenture
 

Plus de Accenture (20)

Certify 2014trends-report
Certify 2014trends-reportCertify 2014trends-report
Certify 2014trends-report
 
Calabrio analyze
Calabrio analyzeCalabrio analyze
Calabrio analyze
 
Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011Tier 2 net app baseline design standard revised nov 2011
Tier 2 net app baseline design standard revised nov 2011
 
Perf stat windows
Perf stat windowsPerf stat windows
Perf stat windows
 
Performance problems on ethernet networks when the e0m management interface i...
Performance problems on ethernet networks when the e0m management interface i...Performance problems on ethernet networks when the e0m management interface i...
Performance problems on ethernet networks when the e0m management interface i...
 
NetApp system installation workbook Spokane
NetApp system installation workbook SpokaneNetApp system installation workbook Spokane
NetApp system installation workbook Spokane
 
Migrate volume in akfiler7
Migrate volume in akfiler7Migrate volume in akfiler7
Migrate volume in akfiler7
 
Migrate vol in akfiler7
Migrate vol in akfiler7Migrate vol in akfiler7
Migrate vol in akfiler7
 
Data storage requirements AK
Data storage requirements AKData storage requirements AK
Data storage requirements AK
 
C mode class
C mode classC mode class
C mode class
 
Akfiler upgrades providence july 2012
Akfiler upgrades providence july 2012Akfiler upgrades providence july 2012
Akfiler upgrades providence july 2012
 
NA notes
NA notesNA notes
NA notes
 
Reporting demo
Reporting demoReporting demo
Reporting demo
 
Net app virtualization preso
Net app virtualization presoNet app virtualization preso
Net app virtualization preso
 
Providence net app upgrade plan PPMC
Providence net app upgrade plan PPMCProvidence net app upgrade plan PPMC
Providence net app upgrade plan PPMC
 
WSC Net App storage for windows challenges and solutions
WSC Net App storage for windows challenges and solutionsWSC Net App storage for windows challenges and solutions
WSC Net App storage for windows challenges and solutions
 
50,000-seat_VMware_view_deployment
50,000-seat_VMware_view_deployment50,000-seat_VMware_view_deployment
50,000-seat_VMware_view_deployment
 
Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...
Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...
Tr 3998 -deployment_guide_for_hosted_shared_desktops_and_on-demand_applicatio...
 
Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11
Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11
Tr 3749 -net_app_storage_best_practices_for_v_mware_vsphere,_dec_11
 
Snap mirror source to tape to destination scenario
Snap mirror source to tape to destination scenarioSnap mirror source to tape to destination scenario
Snap mirror source to tape to destination scenario
 

Perspec sys knowledge_series__solving_privacy_residency_and_security

  • 1. THE PERSPECSYS KNOWLEDGE SERIES Solving Privacy, Residency and Security in the Cloud PerpecSys Inc. ©2012. All rights reserved.
  • 2. Data Compliance and the Enterprise Cloud Computing is generating an incredible amount of excitement and interest from companies of every size, across every business category. It is the most transformative technology in decades and heralds an evolution in computing that has virtually every analyst group declaring that Cloud Computing is the new computing paradigm. In response to concerns about information access and usage, by both public and private corporations, Cloud Computing has spawned an entirely new body of law, generated new policies, created new standards, and raised new concerns. Whether government imposed regulations within a given jurisdiction like the Patriot Act, PIPEDA, or the EU Data Protection Directive, or industry-specific regulations such as Payment Card Industry (PCI) for retailers, HIPAA for healthcare information, or Sarbanes Oxley for enterprises, organizations must adhere to an ever-changing set of standards, laws, and guidelines in order to safeguard their company’s private and business sensitive data and still comply with the law. So how can public and private sector companies leverage the enumerable and quantifiable benefits of the cloud, while maintaining total control over their corporation’s private and business sensitive data? Enter the Cloud At the most basic level, the procurement of a cloud service is like any other purchase, firms must assess the operational risk and compliance implications as they do with any other application or service. Exposures that may be associated with a cloud service and which warrant particular attention include:  Data privacy, restrictions on access to data (whether by the organization, industry, or government regulators)  Data residency, where the data resides  Compliance with privacy regulations across the geographies in which the service is being employed It is time to address the cloud’s opportunities with respect to its challenges. More specifically, the challenges the cloud represents in terms of privacy, residency and security. The PerspecSys PRS solution is the only proven commercial solution that allows companies to run their business applications in the cloud and store their private and business-sensitive data behind their corporate firewall. The PerspecSys PRS solution is designed to assist those organizations that want to leverage cloud computing, but are constrained by compliance, regulatory, political, or policy requirements. PerpecSys Inc. ©2012. All rights reserved.
  • 3. Cloud Adoption Challenges Organizations want to maintain control over their data for business, political, Privacy policy, legislative, competitive, and technical compliance reasons. In many cases, in order to comply with specific privacy requirements, business-sensitive information must be While primarily driven by regulatory managed more stringently than non-sensitive data. As a requirements with respect to data result, some cloud adoption strategies involve keeping control, companies are also concerned sensitive information within the enterprise (i.e. out of about cloud application’s ability to be the cloud), and non-sensitive information can be stored mission critical. The PerspecSys PRS in the cloud. solution enables enterprise adoption by extending the cloud application’s Privacy, Residency, and Security capabilities, providing support for disaster recovery planning, backup and Residency recovery, access control, business Where is the data? Who has access to it? Who controls continuity, and other characteristics it? Who manages it? What laws and jurisdiction govern that define an application as mission it? In the current state of cloud computing law, keeping critical. The PRS solution can also data behind the corporate firewall is the only strategy address cloud adoption fears about that can be said to guarantee which jurisdiction will vendor lock-in, meeting service-level govern it. Keeping private and sensitive data in the agreements, losing control of underlying cloud exposes it to multiple jurisdictions for many years infrastructure, having the ability to to come. selectively interoperate with multiple clouds, and integrate with current in- house applications. Information Privacy and Security Security Since the organization is liable and culpable for any Most jurisdictions around the globe and all data breaches, which can result in very have adopted some form of information significant penalties, data security and risk analysis has privacy regulations. Indeed, these been a part of any systems operations compliance regulations vary from location to policy for decades. Cloud computing requires an location, making it very difficult to additional layer of security and engenders an determine which location has additional layer of risk. Who can access your data? jurisdiction over your data. High-end How can they access it? How do you maintain control theft of corporate information for the over your business sensitive data? purposes of identity theft have engendered regulatory compliance PerpecSys Inc. ©2012. All rights reserved.
  • 4. requirements forcing organizations to manage ’private or personal’ information in a much more secure manner, or face the legal consequences. Most prevalent in the financial services, health care, and public sectors, organizations must adopt stringent business processes and procedures for the management of private and business sensitive information. Data Residency Going beyond information privacy and security, many jurisdictions have enacted specific legislation regarding the location and handling of specific pieces of information. For example:  Many financial services institutions are required to have personal information (PI) always locally resident.  Compliance requirements prohibit certain forms of information from leaving the jurisdiction altogether.  Information cannot leave the enterprise or even the department, because information in transit is subject to the laws of multiple jurisdictions.  Companies entrusted with healthcare, some public sector, and/or PI data are often required by law to store and manage data locally, and guarantee that no foreign national has access to the data.  Laws governing data residency and privacy apply to all the operations on the data, including data backup, which often must be conducted within the enterprise, or at a minimum, within the governing jurisdiction or boundaries defined by the specific statute. In many instances, cloud vendors store data in one geography, but back up the data in another geography, breaking jurisdictional compliance requirements. With these data compliance requirements, Cloud adoption is often constrained, with some organizations opting to only use a limited subset of the functionality, while others forgo usage of cloud- based applications altogether. The PerspecSys PRS Solution The PerspecSys PRS solution is comprised of a series of software components that can be deployed with flexible configuration options to meet a wide range of requirements. PerspecSys PRS Server The core of any PerspecSys PRS solution is the PerspecSys PRS Server. The PerspecSys PRS Server provides the main privacy, residency, and security data management services. No programming is required—the server is graphically installed and configured, designed to be run with very little management support. Cloud application-specific requirements are supported by installing and configuring application-specific adaptors. PerpecSys Inc. ©2012. All rights reserved.
  • 5. PerspecSys PRS Reverse Proxy Server The PerspecSys PRS Reverse Proxy Server allows organizations with sophisticated internet access requirements to employ reverse proxy and proxy chain strategies for cloud application access. The PerspecSys PRS Reverse Proxy Server allows cloud application customers to further secure their cloud application access by mitigating risks normally associated with cloud security, including phishing attacks, unauthorized external access, and denial of service attacks. The PerspecSys PRS Reverse Proxy Server complements cloud application access and security configurations to ensure that only authorized users can access the cloud application from the enterprise. When coupled with the PerspecSys PRS Server, the PerspecSys PRS Reverse Proxy Server adds a powerful dimension to the security aspects of cloud data compliance. PerspecSys PRS MTA Server The PerspecSys PRS MTA Server is a Mail Transfer Agent that works in conjunction with a cloud application’s email services. Cloud applications may allow users to directly email customers and contacts from within the application, using standard templates, marketing campaign services, and other email- related functionality. However, if the email address and associated contact information is considered sensitive, this functionality typically cannot be used if the sensitive contact information is not in the cloud application. The PerspecSys PRS MTA Server allows the cloud application to leverage PRS services from the PerspecSys PRS Server, thereby restoring the real email address and other sensitive information within the email, and then forwarding the email on to the corporate email server for delivery, while not exposing the sensitive email information to the cloud application. The PRS MTA Server has the added benefit of ensuring that email from your organization is routed through your own mail servers, leveraging the existing investment in corporate email security, handling polices, and support systems such as spam filtering and virus detection. PerpecSys Inc. ©2012. All rights reserved.
  • 6. The PerspecSys PRS Solution at Work Privacy Sitting between the enterprise desktop browser and company’s firewall, the PerspecSys PRS solution seamlessly intercepts the conversations between users and the cloud applications, replacing business sensitive data with replacement data in the cloud application. As defined by the organization, information that cannot, or should not, leave the enterprise or jurisdiction remains in a database behind the organization’s firewall, while cloud application users experience virtually all of the functionality of the cloud application, regardless of where the data resides. The PerspecSys PRS solution is also capable of "encryption on the fly". Instead of storing and managing the information locally, information is encrypted before it is sent to the Cloud application, and decrypted on the return. The cloud application data itself, if accessed directly, would appear only as an encrypted list of values. In this way, if the PerspecSys PRS solution or the Cloud application is ever compromised, the attacker would not be able to piece together any usable information as it is not in any usable format. The key value of the PerspecSys PRS solution is the preservation of functionality, including searching, reporting, integration, customization, and other cloud application functionality required by the enterprise, even though the cloud application contains no sensitive data. Residency For Data Residency, the PerspecSys PRS solution is able to identify specific pieces of data, save them to a local database, and send randomly generated replacement values (tokens) to the Cloud application. The real data stays resident locally, governed by local statutes and operating under corporate policy. The PerpecSys Inc. ©2012. All rights reserved.
  • 7. Cloud application operates with the replacement information. The key point is that there is no physical way that the real data can be derived from the token value. The PerspecSys PRS solution allows you to categorize cloud application data into four categories: 1. Tokens 2. Sortable Tokens 3. Encrypted Values 4. Clear Text Data, on a field-by-field basis, is protected by one of these obfuscation strategies. Users accessing the cloud application through the PerspecSys PRS solution can perform advanced searches (wildcards included) on the data, no matter how it was obfuscated. Security One optional component of the PerspecSys PRS solutions is the PerspecSys PRS Reverse Proxy Server. The PerspecSys PRS Reverse Proxy Server ensures that only authorized access to the cloud application occurs from the organization. When properly configured, the PerspecSys PRS Reverse Proxy Server creates a secure authentication link between your organization and the cloud. The PerspecSys PRS solution also extends the cloud application security model by making it finer grained. This includes, for example, restricting access to specific information based on the user’s Looking forward there is little doubt that cloud computing location. This ensures compliance with will play an increasingly important role for both public and jurisdictional requirements, for private enterprises. Organizations that employ cloud example, Swiss bank laws where platforms will benefit from the increased scalability, information should not leave a security, and portability of their cloud-based applications. particular jurisdiction. The PerspecSys Cloud applications will also help companies significantly PRS solution can also extend access reduce time-to-market, realize substantial cost-savings and controls, such as Single Sign On (SSO), react more quickly to changing market conditions. With to be more flexible, especially in multi- these and other benefits, cloud computing is here to stay. jurisdictional implementations of the If your organization really wants to leverage all the cloud application. advantages that the cloud has to offer while addressing your privacy, residency, and security concerns, contact PerspecSys to find out how the PRS solution can work for you. Contact us today to learn more. P (905) 857-0411 E sales@perspecsys.com PerspecSys, the PerspecSys logo and the PerspecSys Information ServerPRS Server™ logo are trademarks or registered trademarks of PerspecSys Inc. in Canada, other countries or both. All rights reserved. product, and service names, may be trademarks or service marks of others. References in this PerpecSys Inc. ©2012. Other company images, publication to PerspecSys products or services do not imply that PerspecSys intends to make them available in all countries in which PerspecSys operates.