Thales eSecurity helps SaaS consumers secure their digital transformations by offering data encryption and key management solutions that give SaaS consumers confidence that sensitive data stored in SaaS clouds is protected and under their control.
Do you know what questions to ask SaaS providers about data security? Does any data you are uploading to your SaaS provider include personally-identifiable information (PII)? Are you in an industry with data security mandate for which compliance extends to SaaS applications?
Even if your SaaS provider has assured you that they are encrypting your data, here are a few critical questions you still need to ask:
These questions represent security best practices. See the Cloud Security Alliance Cloud Controls Matrix.
It’s easy to forget that you are ultimately responsible for ensuring compliance with data privacy and protection mandates, regardless of data location. So when you consider SaaS solutions, make sure your SaaS provider offers the same controls you employ in your own data centers. If your SaaS provider can't, find one who can.
Vormetric Transparent Encryption allows SaaS providers to extend their service offerings to include data-at-rest encryption, and meet your data protection requirements. Vormetric Transparent Encryption enables data-at-rest encryption, privileged user access control and the collection of security intelligence logs without re-engineering applications, databases or infrastructure. Read the TeenSafe success story.
SaaS providers have a responsibility to protect customer data with encryption. Further, SaaS providers should follow industry best practices and enable customers to control encryption keys for their data. SaaS providers offering Bring Your Own Key Services can enable you to utilize the CipherTrust Cloud Key Manager to fulfill critical key-governance mandates. Ask your SaaS provider to let you control the encryption keys for your data.
Don't just take our word regarding best practices for cloud, in particular SaaS, data security and key management. Join the Cloud Security Alliance LinkedIn Group. Give your SaaS providers the Cloud Security Alliance Consensus Assessment Initiative Questionnaire so that you can consistently compare SaaS provider security offerings.
Selecting the right SaaS providers, those who protect and give you control of your data, gives you the assurance you need to sleep well at night and bring confidence to compliance meetings.
You are the SaaS buyer. You have choices. Use the Consensus Assessment Initiative Questionnaire to identify and select only the SaaS providers that offer the tools to ensure that compliance mandates for your data extends to SaaS clouds.
Whether it's Vormetric Transparent Encryption with comprehensive key management or Key Management as a Service, your SaaS providers can partner with Thales eSecurity to ensure that you are in control of your data in SaaS clouds.
The Vormetric Data Security Platform makes it efficient to manage data-at-rest security across your entire organization. Built on an extensible infrastructure, Vormetric Data Security Platform products can be deployed individually, while sharing efficient, centralized key management.
Download
This paper cuts through the confusion to help you pick the best encryption and tokenization options for your projects. The focus is on encrypting in the data center: applications, servers, databases, and storage. It also covers cloud computing (IaaS: Infrastructure as a Service).
Download
As security teams struggle to contend with more frequent, costly, and sophisticated attacks, data-at-rest encryption becomes an increasingly critical safeguard. This white paper offers an overview of the different encryption approaches available today.
Download
The Vormetric Data Security Platform makes it easy and efficient to manage data-at-rest security across your entire organization. Built on an extensible infrastructure, the platform features multiple data security products that can be deployed individually or in combination to deliver advanced encryption, tokenization and centralized key management. This data security solution prepares your organization for the next security challenge and new compliance requirement at the lowest TCO.
Download
Thales eSecurity is our standard. Whenever an encryption solution is needed, the answer is always, ‘let’s start with Thales eSecurity.Damian McDonaldVice President of Global Information Security, Becton, Dickinson and Company
My concern with encryption was the overhead on user and application performance. With Thales eSecurity, people have no idea it’s even running.Karl MudraCIO
Delta Dental of Missouri
