Protecting data in the Cloud

Vormetric has released Vormetric for SaaS Providers. Security and compliance concerns have always hindered broad adoption of SaaS solutions by enterprise customers. Vormetric for SaaS Providers includes critical security controls that enable SaaS providers to address the most important of these concerns, and make broad enterprise adoption a reality. The solution includes field, file and folder encryption and associated data security controls that can be used to transparently shield enterprise customer data within SaaS environments from exposure to both the SaaS provider, and to any attackers that may compromise a SaaS environment.

  • 9 years ago Posted in

Already integrated into the offerings of more than 20 leading SaaS providers today, Vormetric makes it easy to overcome top security and compliance issues perceived by enterprises with SaaS: multi-tenancy, additional privileged user threats, security infrastructure visibility, lack of visibility into SaaS personnel roles, hiring practices and data access. Vormetric’s SaaS customers today include a top-tier business intelligence provider, and SaaS providers specialising in financial services, healthcare, human capital management, travel, legal, real estate and more.

“AirVault’s secure, cloud-based document management software services are trusted by the world’s most successful airlines to manage the maintenance records of their global commercial aircraft fleets. To earn the continued trust of the global aviation community we have made security and data integrity mission-critical imperatives,” said CEO of AirVault, John Oldham. “Vormetric enables us to protect this information while also addressing multiple compliance mandates from the many governing bodies involved.”

“Our leading SaaS-based talent recruitment and management solutions help over 250 customers to recruit and hire smarter. Our multi-national reach requires that we must meet rigorous standards for protecting the confidentiality of employee, recruit and corporate data,” said Guus Meijer, COO of Connexys BV. “With Vormetric, we are able to protect this critical information against data breaches, and meet requirements for protecting sensitive personal information across multiple countries with a single solution.”

With 60 percent of enterprises globally storing sensitive data within SaaS environments (Source: 2015 Vormetric Insider Threat Report), SaaS services are already a top security concern for enterprise data. Key to broad enterprise adoption of SaaS offerings is the ability to secure enterprise data from access by the SaaS provider, from other SaaS customers, or from compromises of the SaaS provider’s infrastructure – while also meeting compliance requirements (such as PCI DSS, HIPAA/HITECH and others). Vormetric for SaaS Providers explicitly meets these needs, enabling SaaS standard or optional offerings that include field, file and folder level encryption with access controls. These capabilities enable SaaS providers to:

Safeguard sensitive information from data breaches and other loss or theft by providing encryption and access controls for SaaS data, while keeping encryption keys and access policy management separate from SaaS infrastructure.
Meet compliance requirements that include encryption, access controls and audit information for regulated data at both the file and folder level, and within SaaS applications.

“CSPs will continue to enhance their security features: Because one of the key challenges facing SaaS providers is customer concerns over the security of their data and who is accessing it, we expect CSPs to increasingly bolster the security features and richness of security APIs they offer to allay these concerns and build trust among clients. Many CSPs have already started to add or enhance data protection features such as encryption for data at rest.” Gartner Securing SaaS Using Cloud Access Security Brokers, Ramon Krikken, and June 18, 2015.

Two trust models are available to create secure offerings:
Encrypt in the Cloud, keys at the SaaS provider: SaaS providers encrypt data for customers, with access policies and encryption keys managed from within the SaaS infrastructure (by the SaaS provider or the enterprise customer).
Encrypt in the Cloud, keys in the enterprise: Enterprises hold and manage their own encryption keys and access policies. The SaaS infrastructure uses these keys and policies to encrypt data used within the SaaS application, effectively preventing any SaaS provider access to enterprise keys, and enterprise data.

Beyond critical features and capabilities for integration with SaaS infrastructure, flexible models for doing business are also essential to meeting the needs of SaaS providers. Pay as you go, scalable and customisable terms matched to SaaS provider business models make it easy to partner with Vormetric.

“Vormetric for SaaS Providers is a game changer. Enterprise security concerns about SaaS data-at-rest security, risk reduction, privacy and compliance have always inhibited enterprise SaaS adoption,” said vice president of cloud for Vormetric, C.J. Radford. “SaaS providers who visibly embrace Vormetric to lock down their customer’s information immediately reap the benefits of increased customer trust and confidence, while also differentiating their brand, reducing liability and unlocking new revenue opportunities.”

New state-of-the-art data centre features Vultr’s first AMD GPU supercompute cluster.
Only a quarter (25%) think their approach to the cloud is carefully considered and successful.
Moving to AWS Cloud will enable The Co-operative Bank to adopt cutting edge IT Infrastructure.
The global airline group will upgrade the value of its data and get its AI & generative AI ready...
Barracuda Networks’s award-winning Email Protection and Cloud Backup security solutions will be...
Leading company in renewables to leverage HPE’s unique turnkey AI infrastructure solution to...
The four-year project extension focuses on cloud transformation and enhanced operational efficiency...
Businesses in the UK are risking slower development as they fail to fully embrace technologies that...