Take Control of Data Security In The Cloud

Whether the driver is better collaboration, more efficient data movement, or lower cost, everyday business users are uploading sales, customer, and product data into Cloud based services. Uploading data into the Cloud may trigger violation of corporate data security and retention policies, as well as data privacy and residency regulations. With data in the Cloud, the organization also become reliant on the Cloud service providers to implement proper operational procedures and security safeguards to protect the data at rest, in transit, and in backup. Instead of relying on the often questionable SAS-70 certification or the operational discipline of some technology start-ups to protect your data, Vordel API Server allows organization to take control of data security in the Cloud.

Monitor: Know What Data Are Leaving And Where Are They Going

The first step in taking control of Cloud data security is to monitor data flowing to the Cloud and gain situational awareness. Data Leakage Prevention (DLP) technologies do a fine job monitoring documents, including HTTP traffic, but DLP cannot fully protect API traffic. Vordel API Server provides full data security monitoring for API traffic, covering a broad range of standard and proprietary protocols. Vordel API Server can monitor for sensitive data not just in documents, but also in places where sensitive data may be embedded as identifiers and attributes, such as headers, query strings, resource names. Vordel API Server can be deployed in-line of Cloud bound traffic for both monitoring and protection, or deployed strictly as a traffic sniffer for monitoring and alerting only.

Prevent: Secure Data Flow To The Cloud

After gaining situational awareness, the next step is to take measures to prevent non-compliant data from moving to the Cloud. Vordel API Server can be a Cloud data security gateway enforcing data security policies. The API Server can block, route, remove, mask, encrypt, or tokenize any data flowing to the Cloud based on policies for security, privacy, and residency. Vordel API Server also secures the communication channel to the Cloud, acting as the SSL termination point, managing API keys and certificates, and perform all encryption tasks.

Protect: Control Access By Cloud Based Services

Cloud integration is often bi-directional, such as a CRM integration between Siebel and Salesforce.com. Just monitoring and preventing data leakage to the Cloud is not enough. Organizations also need to protect against access from Cloud based services In addition to enforcing authentication and authorization policies for Cloud based clients such as API key based policies. Similarly, while data leaving the organization can create compliance issues, data coming into the organization can be problematic as well. For example, if a Cloud based service sends in credit card numbers into an on-premise CRM system that does not expect to host such data, it can create PCI DSS compliance issue for the organization. Vordel API Sever can monitor data flow and API calls to and from Cloud based services.