Protect Your Data — Preserve Functionality — You Keep Control
The PRS Server – Data Protection for Cloud Applications
The PerspecSys Cloud Protection Gateway allows organizations to protect their sensitive business data when using popular cloud applications such as Oracle CRM On Demand, Salesforce.com, Xactly Incent, Cornerstone on Demand, Oracle Fusion, and others. Any information that leaves a business’ environment and enters the cloud can be tokenized or encrypted, ensuring that data remains undecipherable when it is being processed or stored in the cloud.
PerspecSys’ solution integrates easily into an enterprise SaaS implementation. Installed inside of an organization or its IaaS provider (such as Amazon AWS), the PerspecSys PRS Server resides transparently between the application and its users, intercepting critical data before it is passed to the application in the cloud, and replacing it with a random token or encrypted value that is meaningless outside the PRS Server.
Why Do I Need It?
PerspecSys provides regulatory and legally compliant data control while preserving the functionality of an enterprise’s applications, assuring a seamless experience for users and simple deployment and management for IT organizations. PerspecSys provides full data protection for information that is both “in flight” (being processed) and “at rest” (being stored).
How Does It Work?
The PerspecSys Cloud Data Protection Gateway can be deployed in a wide range of configurations with optional server components. The core system in the PerspecSys Cloud Data Protection Gateway is the PRS Server, acting as a forward proxy. PRS Server Application Adapters can be deployed for each SaaS application that needs to communicate with the PRS Server. The adapters interpret the information flow between the end user and the cloud and play a critical role in preserving application functionality. Optional components include the Mail Transfer Agent Server (used to enable e-mail functionality, if applicable, in SaaS applications) and the Reverse Proxy Server, which provides flexibility in deployment options. Organizations typically use the Reverse Proxy to avoid configuration changes to an existing corporate proxy chain. It can also be deployed in an enterprise’s DMZ in order to provide secure access to the PRS Server for remote users (without requiring them to VPN into the organization).
The PerspecSys Cloud Data Protection solution allows for data protection policies (encryption and tokenization definitions) to be defined and centralized in the core PRS Server, while the SaaS adapters extend these policies to the cloud application while preserving functionality. A management console permits authorized users to maintain data protection, administrative and security policies (such as permissions and access control) across cloud applications.
- Ability, at the data field level, to encrypt, tokenize, or leave data in “the clear” when it is sent to your cloud applications.
- Manages location sensitivity through an optional reverse proxy server, can ensure the same security for remote users outside your firewall.
- Identifies and restricts access to and use of sensitive data through black and whitelists, and optionally, through regional or group designations; also restricts which data can be transferred to and from cloud applications.
- Monitors data use for corporate and legal compliance requirements.
- Ensures that data stays where you prescribe (e.g., on a network server, within a building or within a country).
Why Choose PerspecSys?
- Cloud Data Protection – No data is shared in “the clear” outside of your network control; data is secured with field-level control based on user defined tokenization or encryption options.
- Tokenization and Industry Approved “Strong Encryption” – Organizations can select from an array of included tokenization or encryption options or utilize their own encryption approaches.
- Full SaaS Application Functionality – Users have complete access to the features and functions of the SaaS application such as searching, reporting, and e-mailing.
- Simple Configuration and Deployment – Administrative dashboard allows companies to easily configure their data protection policies and adapters provide connections with popular Cloud-based applications.
- Flexibility – The solution is designed to fit with the way organizations want to do business. For example, the Cloud Data Protection gateway can be deployed in a variety of architectural configurations to meet an organization’s specific security needs.