Cloud & Data Security

 

Ensure the confidentiality of your data in SaaS

Digital transformation leads companies to adopt the SaaS (Software as a Service) model in their business applications, such as Office 365, to enjoy its benefits: costs, availability and accessibility. Along with these benefits, SaaS brings new threats to the confidentiality of company information: Can I trust my service provider? And governmental agencies? Do I still comply with regulatory requirements after moving my data to the cloud?

SaaS Encryption helps answer these questions by protecting the confidentiality of company information in the cloud of the SaaS provider.


SaaS Encryption is:

  • Innovation: supported by the technology of our Technology Alliance Partner (TAP) Vaultive.
  • Confidentiality: encryption (AES-256) of the information in the SaaS provider environment (currently email in Office 365).
  • Functionality: respects the format of the information in the application.
  • Accessibility and usability: protection applied independently of the user’s device and location.
  • Compliance: encryption keys only held and managed by the client.

 

Benefits:

  • Encryption of information at rest, in transit and in use. Follows the best security practices of the Cloud Security Alliance (CSA) for the use of cloud services.
  • Confidentiality assured since the client owns and manages the encryption keys, which remain always unknown by the cloud service provider.
  • Privacy of information and access control with a trusted partner: Telefónica.
  • Transparent user experience that maintains application functionality for the end user (search, indexing and sorting).
  • Help with regulatory compliance (GDPR) and normative compliance (PCI-DSS).

Who is it intended for?

SaaS Encryption is designed for and focused on companies that want to migrate business applications to the cloud and need to ensure the confidentiality of their information when faced with the service provider, government agencies and unauthorized third parties.

  • Companies with especially sensitive information: intellectual and industrial property, mergers and acquisitions…
  • Companies with compliance needs: regulated sectors, banking (PCI-DSS), companies that process personal information (GDPR).