Vaultive Platform for SaaS
Vaultive’s configurable encryption engine secures and protects data in almost any cloud-based service, including custom software. Vaultive’s extensible encryption in use platform supports a broad range of standard Web protocols, and provides a set of options for customers to define field-level enforcement policies for software as a service (SaaS) applications based on security, compliance and governance requirements.
Vaultive Platform for SaaS Feature Overview
- Strong encryption scheme that can implement AES 256-bit encryption with nearly any cloud application – no use made of deterministic word-level encryption to preserve server-side functionality.
- Operates as a network-level proxy, encrypting data at the edge of your corporate network, before sending it to the cloud service provider – serving as a demarcation point between the cloud and corporate network.
- No changes or modifications are required to target SaaS applications to implement encryption in use.
- The customer always retains the encryption keys – ensuring adherence to cloud security best practices and regulatory requirements.
- Server-side functionality, such as search, sort and indexing is maintained without ever decrypting the data.
- No additional database is required to enable processing, such as indexing, of persistently encrypted cloud data.
- Vaultive does not cache or store data to maintain application functionality.
“No changes are made to the SaaS applications; and server-side functionality, such as search, sort and indexing is maintained without ever decrypting the data.”
With Vaultive’s persistent encryption in place, customers can rest assured knowing that in the event of a data breach, inadvertent exposure by an administrator or disclosure in response to a subpoena, only encrypted gibberish is exposed.
Vaultive for SaaS can be used in numerous scenarios:
|SaaS Scenario – SharePoint Online|
|SharePoint Online is frequently used as a shared document repository enabling collaboration and facilitating cross-domain business processes. SharePoint delivers enhanced productivity, as well as administration and storage cost efficiencies. However, enterprises understand that when storing confidential or sensitive data on a third-party cloud service, it may be exposed – and face the risk of unauthorized disclosure.||Vaultive can enable customers to ensure that all documents and data hosted at SharePoint Online are persistently encrypted, even while authorized users are interacting with the data. Vaultive integrates with single sign on allowing authorized users seamless access to confidential data.|
|SaaS Scenario – Cloud-Based Human Capital Management Platforms|
|Cloud-based human capital management platforms deliver comprehensive functionality and cost-saving performance management. Providers such as SAP SuccessFactors have invested in securing their data centers, provide ongoing security assessments of their software and comprehensive access controls. The challenge that remains, however, is that employee personal data and other confidential information is stored and processed at a third-party provider. Without maintaining control of corporate data in the cloud, and protecting confidential information, enterprises are concerned that moving to the cloud is too risky.||Vaultive provides the ability for customers to encrypt their data before it moves to the cloud – so that it never resides at a third-party in the clear – while ensuring that the application is fully functional for all authorized users. Confidential information or information subject to data residency requirements can be encrypted before it leaves the trusted network, and can only be accessed by authorized users.|
|SaaS Scenario – Secure Document Sharing|
|Enterprises that host virtual deal rooms or maintained dedicated servers or networks for specific projects such as clinical trials, consider cloud-based alternatives as a means of both lowering costs and delivering a more flexible environment for users and IT. However, since these deployments – almost by definition – involve non-public information and proprietary data falling under compliance mandates, enterprises face the challenge of ensuring the data remains under their direct control at all times and minimizing the risk that a third-party administrator (or even a local IT administrator) gains access to the data for material gain.||Through deployment of the Vaultive platform, enterprises can enable a more cost-effective and flexible deal room model and ensure that data is persistently secured while stored and processed in the cloud. In addition, enterprises can enforce access controls to specific data sets to satisfy data residency or compliance requirements. For example, only users accessing a cloud-based service through a Vaultive gateway deployed in Germany, managed by local IT and a member of a specific directory group can access data subject to data residency and privacy regulations. The data remains unintelligible to any other user not accessing the service through the Vaultive gateway.|