Cloud & Data Security
Ensure the confidentiality of your data in SaaS
Digital transformation leads companies to adopt the SaaS (Software as a Service) model in their business applications, such as Office 365, to enjoy its benefits: costs, availability and accessibility. Along with these benefits, SaaS brings new threats to the confidentiality of company information: Can I trust my service provider? And governmental agencies? Do I still comply with regulatory requirements after moving my data to the cloud?
SaaS Encryption helps answer these questions by protecting the confidentiality of company information in the cloud of the SaaS provider.
SaaS Encryption is:
- Innovation: supported by the technology of our Technology Alliance Partner (TAP) Vaultive.
- Confidentiality: encryption (AES-256) of the information in the SaaS provider environment (currently email in Office 365).
- Functionality: respects the format of the information in the application.
- Accessibility and usability: protection applied independently of the user’s device and location.
- Compliance: encryption keys only held and managed by the client.
- Encryption of information at rest, in transit and in use. Follows the best security practices of the Cloud Security Alliance (CSA) for the use of cloud services.
- Confidentiality assured since the client owns and manages the encryption keys, which remain always unknown by the cloud service provider.
- Privacy of information and access control with a trusted partner: Telefónica.
- Transparent user experience that maintains application functionality for the end user (search, indexing and sorting).
- Help with regulatory compliance (GDPR) and normative compliance (PCI-DSS).
Who is it intended for?
SaaS Encryption is designed for and focused on companies that want to migrate business applications to the cloud and need to ensure the confidentiality of their information when faced with the service provider, government agencies and unauthorized third parties.
- Companies with especially sensitive information: intellectual and industrial property, mergers and acquisitions…
- Companies with compliance needs: regulated sectors, banking (PCI-DSS), companies that process personal information (GDPR).
SaaS Encryption adapts to the specific needs of your organization to protect the confidentiality of your information. Contact us for more information.
The incoming and outgoing traffic for the secured application is routed to an encryption proxy located between the user and the cloud of the service provider (Exchange Online – Office 365).
- Encryption of all the information in the company email in trust infrastructure, protecting its confidentiality in transit and at rest in the application.
- Applied encryption (AES-256) that preserves the format of the information in all parts of the emails: subject, body, attachments…
- Client keys stored in the encryption proxy.
- Access to the information through the encryption proxy (OWA, Outlook 365), allowing the end user to restrict access with an additional factor (Latch tool).
- Management console for importing, creating and managing protected keys and users.
- Possibility of deployment in client infrastructure.