Cisco Cloud Security Privacy Data Sheet
|
|
- Myra Flynn
- 5 years ago
- Views:
Transcription
1 Cisco Cloud Security Privacy Data Sheet This Privacy Data Sheet describes the processing of personal data (or personal identifiable information) by Cisco Cloud Security. Overview of Cisco Cloud Security Capabilities Cloud Security ( CES ) is a cloud-based security service that blocks spam and security threats from the Internet and, depending on the features licensed, prevents the accidental or intentional leakage of customer data. CES offers inbound protection and outbound control of your traffic. The following feature functionalities are available as part of CES depending on the licensed features purchased: Anti-spam Intelligent Multi-Scan Anti-spam Anti-virus Outbreak Filters Advanced Malware Protection Safe Unsubscribe Image Analysis Encryption (CRES) Data Loss Prevention For more information about CES, please see: The following paragraphs describe the personal data that Cisco processes to deliver the CES services, the location of such data and how it is secured in accordance with privacy principles, laws and regulations. 1. Personal Data Processing The tables below list the personal data used by CES to carry out the services and describe why Cisco processes such data. Table 1. Personal Data Processing Personal Data processed by CES Customer Account/Contact Information Envelope Header: Sender, Recipient, Host/IP address Data Header: From, To, Subject, Reply-to Headers (including CC/BCC), Name/Title of Attachment (but not the content of the Attachment) Purpose of Processing Product administration: Creating an account, validating license entitlements, general product support and administration. Identify Envelope Sender, Envelope Recipient (e.g. jsmith@company.com) for security purposes. Identify the From, To, Subject, Reply-To headers (e.g. Jane Smith <jsmith@company.com>), Attachment name for security purposes.
2 Body: content and/or entire Attachment (but only if the customer purchases and enables the Quarantine feature) IP Address (note that customer may opt-out of collection for Cisco global threat intelligence research purposes) Evaluate for threats and apply any customer created policies. IP Addresses are stored for security purposes as part of an audit log to identify IP addresses trying to access customer s CES instance, as well as for Cisco global threat intelligence research. 2. Cross-Border Transfers: When a new customer purchases a CES subscription, that customer s account information is always created, processed and stored in the United States regardless of the subsequent provisioning of such customer s accounts into its chosen regional cloud (i.e. U.S., Canada or EU). For example, upon receipt of a purchase order for CES from a new EU customer, such customer s account details are created in the CES administrative systems in the United States, even though the customer later chooses to provision the CES services to the CES EU Cloud. All subsequent data from such customer that is associated with the CES product function (i.e. Customer Account Information, Message Tracking, Reporting, Quarantine and Data Loss Prevention data) will then be processed in the EU Cloud. However, if customer has not chosen to Opt-Out of sending certain telemetry data to Cisco via the Senderbase Network Participation ( SBNP ), where Table 1 above specifies that IP addresses are processed for the purposes of Cisco global threat intelligence research, such SNBP processing is conducted by Cisco s global threat intelligence teams, Talos and TIP, which have data centers in the U.S. only. If a customer considers an IP address as personal data, please note this cross-border transfer of such personal data to the Talos and TIP data centers located in the U.S. Cisco CES leverages third party cloud hosting providers to provide the services globally, as follows: Table 2: Cisco CES, Talos and TIP Data Center Locations Data Center Locations: CES, Talos and TIP Equinix: The Equinix infrastructure for the CES cloud runs in the following regions: - USA: California - Canada - United Kingdom The Talos data centers run in the following regions: - USA: California, Texas, Virginia Amazon Web Services (AWS): The AWS infrastructure for the CES cloud runs in the following regions: - USA: Oregon, USA - USA: Virginia Switch: The Switch infrastructure for the CES cloud runs in the following region: - USA: Nevada Q9: The Q9 infrastructure for the CES cloud runs in the following region: - Canada KPN: The KPN infrastructure for the CES cloud runs in the following region: - Netherlands Vazata: The TIP cloud runs in the following region: - USA: Texas 3. Access control
3 Table 3: Access Control Personal Data processed by CES Who has access Purpose of the access Customer Customer account/contact information for product administration Cisco Employees Sales Administration, Licensing Operations, CES Operations Creating an account and validating license entitlements and general product support and operations. Customer Envelope Header Cisco Employees CES Operations staff only Providing security analytics and forensics for product usage. Data Header Customer Cisco Employees CES Operations staff only Providing security analytics and forensics for product usage. Body (only if the customer purchases and enables the Quarantine feature) IP Addresses Customer Cisco Employees CES Operations staff only Customer (only as part of Message Tracking Data, as described below) Cisco Employees CES Operations staff only Cisco Talos and TIP staff Providing security analytics and forensics for product usage. Security administration/maintain audit logs, and global threat intelligence research. 4. Retention Period / Deletion: A. Data Processed in the CES Cloud 1. Customer Account/Contact Information. Customer account information is currently retained indefinitely. Since this account information is processed in the U.S.A. prior to Customer provisioning to its selected CES regional cloud, such account information is also subject to daily backup to the colocation facility for that data center. When a customer terminates its CES subscription, it can specifically request that its account information be purged from Cisco s datastores and backups by opening a Cisco TAC case. 2. Message Tracking Data. Data stored in the Message Tracking feature of CES includes the Envelope Headers, Data Headers and IP Addresses* (collectively, the Message Tracking Data ). Message Tracking Data does not include the Body. The retention period for Message Tracking Data is tied to the amount of disk space available within the Message Tracking feature. For the average customer that sees approximately 40,000-60,000 s per hour, the expected default retention period is fourteen (14) days. However, if the customer has a lower than average volume, more disk space is available, so the customer may see retention periods of one (1) year or more. Outside of the default retention period, the customer may control Message Tracking Data retention by reallocating disk space for such data. The less space allocated, the shorter the retention period. Thus, even a customer with low volume can reallocate disk space to ensure a shorter retention period. In no event will the actual retention period be shorter than the default retention period noted in this section. Once the Message Tracking Data reaches the end of its then-current retention period, CES automatically deletes it via a First In, First Out process. While the Message Tracking feature is enabled by default, it may be disabled by the customer. Disabling the Message Tracking feature will limit the functionality of CES. Please see the CES documentation for more information.
4 *IP Addresses included in Message Tracking Data are accessible by the customer and subject to the retention period and deletion policies in these Message Tracking Data terms. 3. Reporting Data Data stored in the Reporting feature of CES includes information such as Envelope Header, Data Header and statistics and trends on volumes and verdicts (e.g. how many s were flagged as spam, how many were flagged as containing a virus, etc.) (collectively, the Reporting Data ). Reporting Data does not include the Body. The retention period for Reporting Data is tied to the amount of disk space available within the Reporting feature. For the average customer that sees approximately 40,000-60,000 s per hour, the expected default retention period is one (1) year. However, if the customer has a lower than average volume, more disk space is available, so the customer may see retention periods of more than a year. Outside of the default retention period, the customer may control Reporting Data retention by reallocating disk space for such data. The less space allocated, the shorter the retention period. Thus, even a customer with low volume can reallocate disk space to ensure a shorter retention period. In no event will the actual retention period for Reporting Data be shorter than the default retention period noted in this section. Once the Reporting Data reaches the end of its then-current retention period, CES automatically deletes it via a First In, First Out process. While the Reporting feature is enabled by default, it may be disabled by the customer. Disabling the Reporting feature will limit the functionality of CES. Please see the CES documentation for more information. 4. Quarantine Data. There are three types of Quarantines available: Spam, Policy and Dynamic/System Quarantines. Note that CES enables Spam Quarantine by default. Each type of Quarantine is triggered to hold data based on the applicable policy defined by the customer. The data captured and stored by each type of Quarantine includes the Envelope Header, the Data Header and the Body, (collectively, the Quarantine Data ). However, the overall Quarantine feature must be enabled for CES to store the Quarantine Data. The retention period for each type of Quarantine Data is tied to the settings defined for the type of Quarantine selected by the customer. The default retention period is fourteen (14) days for the Spam Quarantine, ten (10) days for Policy Quarantines and one (1) day or less for Dynamic/System Quarantines. After the applicable retention period expires, CES will treat the in accordance with the Quarantine policy set by the customer. Note that the CES s default Quarantine setting will delete s after the applicable retention period expires. Retention periods can be modified by the customer as required, subject to the total disk space allocated to the Quarantine feature. While only the Spam Quarantine feature is enabled by default, all three types of Quarantines may be disabled by the customer. Disabling the Quarantine feature will limit the functionality of CES. Please see the CES documentation for more information. 5. Data Loss Prevention Data. The Data Loss Prevention (DLP) feature of CES is not a default feature. It must be separately purchased, licensed and enabled. If customer purchases the DLP feature and enables the Matched Content Logging option, then Message Tracking will store the that portion of the Body that matches the customer created Matched Content Logging criteria for a DLP violation (the DLP Data ). The DLP Data supplements the information in the Message Tracking Data noted above. For example, if the customer sets its Matched Content Logging policy to track only credit card numbers, then only the credit card number that triggered the DLP violation will be logged and visible in the Message Tracking feature. The Matched Content Logging option must be enabled for CES to store the DLP Data. If Matched Content Logging is enabled, the retention period for the DLP Data is tied to the amount of disk space available within Message Tracking as noted above. For the average customer that sees approximately 40,000-60,000 s per hour, the expected retention period is fourteen (14) days. However, if the customer has a lower than average volume or more disk space is allocated, the customer may see retention periods of up to one year. Outside of the default retention period, the customer may control DLP Data retention by reallocating disk space for such data. The less space allocated, the shorter the retention period. Thus, even a customer with low volume can reallocate disk space to ensure a shorter retention period. In no event shall the actual retention period for DLP Data be shorter than the default retention period noted in this section. Once the DLP Data reaches the end of then-current retention period, it is automatically deleted. Matched Content Logging may be disabled by the customer after it has been licensed. Disabling the Matched Content Logging functionality will limit the functionality of CES. Please see the CES documentation for more information. 6. IP Addresses in Audit Logs.
5 IP Addresses are stored within CES audit logs for ninety (90) days. CES will purge these IP Addresses after the ninety (90) day retention period expires. For security purposes, Customers cannot request deletion of IP Addresses stored within audit logs. 7. Deletion of Customer s CES Account upon Expiration/Termination of CES Subscription. Once a customer s CES subscription expires or terminates, CES automatically flags the applicable account for decommissioning. All customer data associated with such customer s CES service will be deleted within forty-five (45) days of the decommission flagging, unless a shorter time period is requested by the customer. However, any IP addresses within audit logs will remain in CES until their ninety (90) day retention period expires. B. Data Processed within the TIP and Talos Clouds: Senderbase Network Participation 1. Talos Cloud. If customer does not Opt-out of SBNP telemetry collection within CES, then the IP addresses collected as part of that telemetry data are retained indefinitely in the Talos cloud. Choosing to Opt-out of SBNP may degrade the threat intelligence provided to customer by Cisco as part of CES. A customer may request deletion of a specific IP Address in the Talos cloud by opening a Cisco TAC request. 2. TIP Cloud If customer does not Opt-out of SBNP telemetry collection withn CES, then the IP addresses collected as part of that telemetry data are retained in the TIP cloud for four (4) months. The IP addresses are automatically deleted upon the expiration of such retention period. A customer may also request deletion of a specific IP Address in the TIP cloud by opening a Cisco TAC case. Choosing to Opt-out of SBNP may degrade the threat intelligence provided to customer by Cisco as part of CES. 5. Personal Data Security Table 4: Encryption Personal Data processed by CES Customer account/contact information for product administration Envelope Header Data Header Body IP Address Type of Encryption CES cloud: Talos/TIP clouds: Data in transit only: TLS encryption 6. Third Party Service Providers
6 Cisco utilizes third party cloud hosting providers who can contract to provide the same level of data protection and information security that customers can expect from Cisco. Table 5: Third Party Service Providers. List of Third Parties Purpose of 3rd Party Processing Location Certification Link Equinix CES leverages Equinix data centers to help provide a global service footprint, security assurance, service elasticity and resilience to CES. United Kingdom; Canada; USA: California --CA facilities: - San Jose: ISO 27001, SOC 1 Type II, SOC 2 Type II. - Santa Clara: ISO 27001, SOC 1 Type II, SOC 2 Type II. - Sunnyvale: ISO 27001, SOC 1 Type II, SOC 2 Type II. --UK facility has ISO 27001, SOC 1 Type II, SOC 2 Type II. --CAN facility has ISO 27001, SOC 1 Type II, SOC 2 Type II. Talos leverages Equinix data centers for its global threat intelligence research USA: California, Texas, Virginia --VA facility has NIST /FISMA, ISO 27001, SOC 1 Type II, SOC 2 Type II, PCI DSS and HIPPA. --CA facility (Sunnyvale) has ISO 27001, SOC 1 Type II, SOC 2 Type II. --TX facility has NIST /FISMA, ISO 27001, SOC 1 Type II, SOC 2 Type II, PCI DSS and HIPPA. Amazon Web Services (AWS) CES leverages AWS data centers to help provide a global service footprint, security assurance, service elasticity and resilience to CES. USA: Oregon; Virginia Switch Q9 CES leverages the Switch data center to help provide a global service footprint, security assurance, service elasticity and resilience to CES. CES leverages the Q9 data center to help provide a global service footprint, security assurance, service elasticity and resilience to CES. USA: Nevada, SSAE 18 SOC I Type 2, SOC II Type 2 Canada SSAE 18 SOC I Type 2 KPN CES leverages the KPN data center to help provide a global service footprint, security assurance, service elasticity and resilience to CES. Netherlands ISO27001 Vazata TIP leverages the Vazata data center for its global threat intelligence research. USA: Texas SSAE 18 SOC I Type 2
Privacy Data Sheet. This Privacy Data Sheet describes the processing of personal data (or personal identifiable information) by Cisco Threat Grid.
Cisco Privacy Data Sheet This Privacy Data Sheet describes the processing of personal data (or personal identifiable information) by Cisco Threat Grid. Overview of Cisco Capabilities Cisco offers a cloud
More informationCisco Webex Messenger
Cisco Webex Messenger This describes the processing of personal data (or personal identifiable information) by Cisco Webex Messenger. 1. Overview of Cisco Webex Messenger Capabilities Cisco Webex Messenger
More informationCentralized Policy, Virus, and Outbreak Quarantines
Centralized Policy, Virus, and Outbreak Quarantines This chapter contains the following sections: Overview of Centralized Quarantines, page 1 Centralizing Policy, Virus, and Outbreak Quarantines, page
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationUnderstanding the Pipeline
This chapter contains the following sections: Overview of the Email Pipeline, page 1 Email Pipeline Flows, page 2 Incoming / Receiving, page 4 Work Queue / Routing, page 6 Delivery, page 10 Overview of
More informationUsing Centralized Security Reporting
This chapter contains the following sections: Centralized Email Reporting Overview, on page 1 Setting Up Centralized Email Reporting, on page 2 Working with Email Report Data, on page 4 Understanding the
More informationIBM Security Intelligence on Cloud
Service Description IBM Security Intelligence on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients
More informationGoogle Cloud & the General Data Protection Regulation (GDPR)
Google Cloud & the General Data Protection Regulation (GDPR) INTRODUCTION General Data Protection Regulation (GDPR) On 25 May 2018, the most significant piece of European data protection legislation to
More informationCISCO NETWORKS BORDERLESS Cisco Systems, Inc. All rights reserved. 1
CISCO BORDERLESS NETWORKS 2009 Cisco Systems, Inc. All rights reserved. 1 Creating New Business Models The Key Change: Putting the Interaction Where the Customer Is Customer Experience/ Innovation Productivity/
More informationSolution Pack. Managed Services Virtual Private Cloud Security Features Selections and Prerequisites
Solution Pack Managed Services Virtual Private Cloud Security Features Selections and Prerequisites Subject Governing Agreement DXC Services Requirements Agreement between DXC and Customer including DXC
More informationSDL Privacy Policy Cloud Services
SDL Privacy Policy Cloud Services Software-As-A-Service Products Version 11-04-2017 v1.4 SDL plc Globe House Clivemont Road, Maidenhead SL6 7DY England www.sdl.com SDL Tridion Infrastructure Summary This
More informationBlock Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable protection
SecureSMART Block Email Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable email protection SecureSMART protects your network from viruses, spam, advanced
More informationOnline Services Security v2.1
Online Services Security v2.1 Contents 1 Introduction... 2 2... 2 2.1... 2 2.2... 2 2.3... 3 3... 4 3.1... 4 3.2... 5 3.3... 6 4... 7 4.1... 7 4.2... 7 4.3... 7 4.4... 7 4.5... 8 4.6... 8 1 Introduction
More informationAUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE
AUTOTASK ENDPOINT BACKUP (AEB) SECURITY ARCHITECTURE GUIDE Table of Contents Dedicated Geo-Redundant Data Center Infrastructure 02 SSAE 16 / SAS 70 and SOC2 Audits 03 Logical Access Security 03 Dedicated
More informationModern attacks and malware
Modern attacks and malware Everything starts with an email and web Dragan Novakovic Cisco Systems New Cyber Threat Reality Your environment will get breached You ll most likely be infected via email Hackers
More informationSECURITY & PRIVACY DOCUMENTATION
Okta s Commitment to Security & Privacy SECURITY & PRIVACY DOCUMENTATION (last updated September 15, 2017) Okta is committed to achieving and preserving the trust of our customers, by providing a comprehensive
More informationSecurity and Compliance at Mavenlink
Security and Compliance at Mavenlink Table of Contents Introduction....3 Application Security....4....4....5 Infrastructure Security....8....8....8....9 Data Security.... 10....10....10 Infrastructure
More informationAmit Panchal Enterprise Technology Strategist
Amit Panchal Enterprise Technology Strategist amitp@microsoft.com Who is Amit Panchal IT Industry Personal Education Executive Experience MORE DEVICES I love my PC, my phone, and my slate. MORE MOBILE
More informationTracking Messages. Message Tracking Overview. Enabling Message Tracking. This chapter contains the following sections:
This chapter contains the following sections: Message Tracking Overview, page 1 Enabling Message Tracking, page 1 Searching for Messages, page 2 Working with Message Tracking Search Results, page 4 Checking
More informationTracking Messages
This chapter contains the following sections: Tracking Service Overview, page 1 Setting Up Centralized Message Tracking, page 2 Checking Message Tracking Data Availability, page 4 Searching for Email Messages,
More informationAwareness Technologies Systems Security. PHONE: (888)
Awareness Technologies Systems Security Physical Facility Specifications At Awareness Technologies, the security of our customers data is paramount. The following information from our provider Amazon Web
More informationAIWCD Privacy Statement
AIWCD Privacy Statement The American International Women's Club of Düsseldorf e.v. (AIWCD) owns and operates this web site. The American International Women's Club of Düsseldorf e.v. will use its best
More informationMicrosoft Office 365 TM & Zix Encryption
Microsoft Office 365 TM & Zix Email Encryption A Natural Fit www.zixcorp.com INTRODUCTION IT managers and decision makers are being pressured from all sides to find ways to safely migrate to cloud-based
More informationTwilio cloud communications SECURITY
WHITEPAPER Twilio cloud communications SECURITY From the world s largest public companies to early-stage startups, people rely on Twilio s cloud communications platform to exchange millions of calls and
More informationBlock Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable protection
SecureSMART Block Email Threats Before They Reach Your Network Make Downtime a Thing of the Past. Comprehensive and reliable email protection SecureSMART protects your network from viruses, spam, advanced
More informationInformation Security at Veritext Protecting Your Data
Information Security at Veritext Protecting Your Data The Veritext Security Model Introduction Information security and privacy are built into the fabric of everything we do at Veritext. Helping to protect
More informationKenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data
Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V3.0, MAY 2017 Multiple Layers of Protection Overview Password Salted-Hash Thank you
More informationCrises Control Cloud Security Principles. Transputec provides ICT Services and Solutions to leading organisations around the globe.
Crises Control Cloud Security Principles Transputec provides ICT Services and Solutions to leading organisations around the globe. As a provider of these services for over 30 years, we have the credibility
More informationCloud Security Whitepaper
Cloud Security Whitepaper Sep, 2018 1. Product Overview 3 2. Personally identifiable information (PII) 3 Using Lookback without saving any PII 3 3. Security and privacy policy 4 4. Personnel security 4
More informationCisco Security: Advanced Threat Defense for Microsoft Office 365
Cisco Email Security: Advanced Threat Defense for Microsoft Office 365 Microsoft Office 365 has become the standard productivity platform in organizations large and small around the world. It is a cost-effective
More informationSymantec Security.cloud
Data Sheet: Messaging Security filters unwanted messages and protects mailboxes from targeted attacks. The service has selflearning capabilities and Symantec intelligence to deliver highly effective and
More informationData Security and Privacy at Handshake
Data Security and Privacy at Handshake Introduction 3 A Culture of Security 3 Employee Background Checks 3 Dedicated Security and Privacy Teams 3 Ongoing Team Training 4 Compliance 4 FERPA 4 GDPR 4 Security
More informationMicrosoft Exchange Online
RSA Secured Implementation Guide for RSA DLP Network Partner Information Last Modified: March 17 th, 2014 Product Information Partner Name Microsoft Web Site http://www.office365.com/ Product Name Version
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.7)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.7) Directions and Instructions for completing this assessment The answers provided
More informationCisco s Appliance-based Content Security: IronPort and Web Security
Cisco s Appliance-based Content Security: IronPort E-mail and Web Security Hrvoje Dogan Consulting Systems Engineer, Security, Emerging Markets East 2010 Cisco and/or its affiliates. All rights reserved.
More informationIBM Case Manager on Cloud
Service Description IBM Case Manager on Cloud This Service Description describes the Cloud Service IBM provides to Client. Client means and includes the company, its authorized users or recipients of the
More informationConsolidated Hygiene and Encryption Service E-Hub. Slide 1
Consolidated Email Hygiene and Encryption Service E-Hub Slide 1 Agenda E-Hub Service Overview E-Hub Benefits & Features E-Hub Rates and Implementation Microsoft FOPE Overview Demo Questions Slide 2 2 OTECH
More informationPerforming a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH
Performing a Vendor Security Review TCTC 2017 FALL EVENT PRESENTER: KATIE MCINTOSH 1 Speaker Bio Katie McIntosh, CISM, CRISC, CISA, CIA, CRMA, is the Cyber Security Specialist for Central Hudson Gas &
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationCompliance and Security in a Cloud-First Era
Compliance and Security in a Cloud-First Era Regions: Dublin (EU-West) 3 x Availability Zones Launched in 2007 Frankfurt (EU-Central) 2 x Availability Zones Launched 2014 Edge Locations: Amsterdam,
More informationSecurity Information & Policies
Security Information & Policies 01 Table of Contents OVERVIEW CHAPTER 1 : CHAPTER 2: CHAPTER 3: CHAPTER 4: CHAPTER 5: CHAPTER 6: CHAPTER 7: CHAPTER 8: CHAPTER 9: CHAPTER 10: CHAPTER 11: CHAPTER 12: CHAPTER
More information1.2 Participant means a third party who interacts with the Services as a result of that party s relationship with or connection to you.
Document Cloud (including Adobe Sign) Additional Terms of Use Last updated June 16, 2016. Replaces the prior version in its entirety. Capitalized terms used in these Document Cloud Additional Terms ( Additional
More informationTest-king q
Test-king 700-280 64q Number: 700-280 Passing Score: 800 Time Limit: 120 min File Version: 28.5 http://www.gratisexam.com/ 700-280 Email Security for Field Engineers Passed on 2-02-15 with an 890. Dump
More informationTotal Security Management PCI DSS Compliance Guide
Total Security Management PCI DSS Guide The Payment Card Industry Data Security Standard (PCI DSS) is a set of regulations to help protect the security of credit card holders. These regulations apply to
More informationIBM Express Managed Security Services for Security. Anti-Virus Administrator s Guide. Version 5.31
IBM Express Managed Security Services for Email Security Anti-Virus Administrator s Guide Version 5.31 Table of Contents 1. Service overview...3 1.1 Welcome... 3 1.2 Anti-Virus (AV) features... 3 1.3 How
More informationUNCLASSIFIED. Mimecast UK Archiving Service Description
UNCLASSIFIED 26/05/2016 v2.3 Mimecast UK Email Archiving Service Description Mimecast UK Email Archiving, provides businesses with a secure, scalable cloud-based message archive. It s designed to significantly
More informationSecurity Overview. Technical Whitepaper. Secure by design. End to end security. N-tier Application Architecture. Data encryption. User authentication
Technical Whitepaper Security Overview As a team, we have a long history of developing and delivering HR software solutions to customers worldwide, including many of the world s most-demanding organisations.
More informationIBM Sterling B2B Services File Transfer Service
Service Description IBM Sterling B2B Services File Transfer Service This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationCisco Meraki Privacy and Security Practices. List of Technical and Organizational Measures
Cisco Meraki Privacy and Security Practices List of Technical and Organizational Measures Introduction Meraki takes a systematic approach to data protection, privacy, and security. We believe a robust
More informationIBM Managed Security Services for Security
Service Description 1. Scope of Services IBM Managed Security Services for E-mail Security IBM Managed Security Services for E-mail Security (called MSS for E-mail Security ) may include: a. E-mail Antivirus
More informationSOC 3 for Security and Availability
SOC 3 for Security and Availability Independent Practioner s Trust Services Report For the Period October 1, 2015 through September 30, 2016 Independent SOC 3 Report for the Security and Availability Trust
More informationContents. Introduction. WSA WebBase Network Participation
Contents Introduction WSA WebBase Network Participation ESA SenderBase Network Participation General Security Concerns FAQ Operation SenderBase (Email) Network Participation Statistics shared per Emailappliance
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationSecure Esri Solutions in the AWS Cloud. CJ Moses, AWS Deputy CISO
Secure Esri Solutions in the AWS Cloud CJ Moses, AWS Deputy CISO Security in the cloud is a shared responsibility between AWS and the customer AWS Facilities Physical Security Physical Infrastructure Network
More informationCTS performs nightly backups of the Church360 production databases and retains these backups for one month.
Church360 is a cloud-based application software suite from Concordia Technology Solutions (CTS) that is used by churches of all sizes to manage their membership data, website, and financial information.
More informationNEXT GENERATION CLOUD SECURITY
SESSION ID: CMI-F02 NEXT GENERATION CLOUD SECURITY Myles Hosford Head of FSI Security & Compliance Asia Amazon Web Services Agenda Introduction to Cloud Security Benefits of Cloud Security Cloud APIs &
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More informationKantanMT.com. Security & Infra-Structure Overview
KantanMT.com Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions...
More informationLate Addition #1 EXECUTIVE DOCUMENT SUMMARY
EXECUTIVE DOCUMENT SUMMARY Department: Information Technology Contact Person: Ron Plamondon Telephone No.: Source Selection Method Bid Other: Submittal Dates Executive Board: 01/15/2019 Regular Session:
More informationWatson Developer Cloud Security Overview
Watson Developer Cloud Security Overview Introduction This document provides a high-level overview of the measures and safeguards that IBM implements to protect and separate data between customers for
More informationCustom hosting solutions orchastrated for your needs.
Custom hosting solutions orchastrated for your needs. Cloud Hosting IaaS Colocation DRaaS & Backup Hosting AWS Monitoring PaaS/CaaS (for Developers) Why Customers Choose Us Whether you re just starting
More informationCriminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud
Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud Introduction The Criminal Justice Information Security (CJIS) Policy is a publically accessible document that contains
More informationSecurity and Compliance Powered by the Cloud. Ben Friedman / Strategic Accounts Director /
Security and Compliance Powered by the Cloud Ben Friedman / Strategic Accounts Director / bf@alertlogic.com Founded: 2002 Headquarters: Ownership: Houston, TX Privately Held Customers: 1,200 + Employees:
More informationGDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10
GDPR AMC SAAS AND HOSTED MODULES UK version AMC Consult A/S June 26, 2018 Version 1.10 INDEX 1 Signatures...3 2 General...4 3 Definitions...5 4 Scoping...6 4.1 In scope...6 5 Responsibilities of the data
More informationLayer Security White Paper
Layer Security White Paper Content PEOPLE SECURITY PRODUCT SECURITY CLOUD & NETWORK INFRASTRUCTURE SECURITY RISK MANAGEMENT PHYSICAL SECURITY BUSINESS CONTINUITY & DISASTER RECOVERY VENDOR SECURITY SECURITY
More information10 Considerations for a Cloud Procurement. March 2017
10 Considerations for a Cloud Procurement March 2017 2017, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationSoftLayer Security and Compliance:
SoftLayer Security and Compliance: How security and compliance are implemented and managed Introduction Cloud computing generally gets a bad rap when security is discussed. However, most major cloud providers
More informationSales Training
Sales Training Extensible Content Security 16.03.2010 2009 WatchGuard Technologies Market Opportunity Total Addressable Market, ($M) Total Addressable Market by Segment, ($M) 16,000 14,000 11.2% CAGR 16,000
More informationThe professional IT management platform
The professional IT management platform Total Control of Your IT Infrastructure Whether you are administrating your own IT, or providing services to your clients, with ITbrain you amaze with proactivity.
More informationVendor Security Questionnaire
Business Associate Vendor Name Vendor URL Vendor Contact Address Vendor Contact Email Address Vendor Contact Phone Number What type of Service do You Provide Covenant Health? How is Protected Health Information
More informationCloud Computing, SaaS and Outsourcing
Cloud Computing, SaaS and Outsourcing Michelle Perez, AGC Privacy, IPG Bonnie Yeomans, VP, AGC & Privacy Officer, CA Technologies PLI TechLaw Institute 2017: The Digital Agenda Introduction to the Cloud
More informationIntroduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview
IBM Watson on the IBM Cloud Security Overview Introduction IBM Watson on the IBM Cloud helps to transform businesses, enhancing competitive advantage and disrupting industries by unlocking the potential
More informationAltius IT Policy Collection Compliance and Standards Matrix
Governance Context and Alignment Policy 4.1 4.4 800-26 164.308 12.4 EDM01 IT Governance Policy 5.1 800-30 12.5 EDM02 Leadership Mergers and Acquisitions Policy A.6.1.1 800-33 EDM03 Context Terms and Definitions
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationCentralizing Services on a Cisco Content (M-Series) Security Management Appliance
Centralizing Services on a Cisco Content (M-Series) Security Management Appliance This chapter contains the following sections: Overview of Cisco Content Security Management Appliance Services, on page
More informationhttp://ignite.office.com Spam Protect communications Enforce policy Streamlined management On Premise Corporate Network EOP O365 Exchange Online Every Office 365 customer is an EOP customer Easy transition
More informationWhite Paper The simpro Cloud
White Paper The simpro Cloud White Paper The simpro Cloud Executive Summary... 1 Cloud Overview... 1 Global Data Centre Network... 2 Cloud Architecture... 3 Primary Objectives... 3 Data Security... 4 Certification
More informationMcAfee Skyhigh Security Cloud for Amazon Web Services
McAfee Skyhigh Security Cloud for Amazon Web Services McAfee Skyhigh Security Cloud for Amazon Web Services (AWS) is a comprehensive monitoring, auditing, and remediation solution for your AWS environment
More informationNSDA ANTI-SPAM POLICY
NSDA ANTI-SPAM POLICY Overview On July 1, 2014, Canada s Anti-spam Legislation (CASL) took effect. Coupled with existing regulations, the new legislation sets specific restrictions on using electronic
More informationCAMPUSPRESS TECHNICAL & SECURITY GUIDE
CAMPUSPRESS TECHNICAL & SECURITY GUIDE CAMPUSPRESS 2 WHAT IS IN THIS GUIDE? TABLE OF CONTENTS INTRODUCTION... 3 HOSTING... 5 DATACENTERS & HOSTING REGIONS... 6 BACKUPS AND DISASTER RECOVERY... 8 RELIABILITY
More informationWORKSHARE SECURITY OVERVIEW
WORKSHARE SECURITY OVERVIEW April 2016 COMPANY INFORMATION Workshare Security Overview Workshare Ltd. (UK) 20 Fashion Street London E1 6PX UK Workshare Website: www.workshare.com Workshare Inc. (USA) 625
More informationAdvanced Marketing Certification Training
Advanced Email Marketing Certification Training Duration: 25+ hours; e-learning content PREREQUISITES Although not required, ideally, participants will first complete our Email Marketing Foundations course.
More informationThis presentation is intended to provide an overview of GDPR and is not a definitive statement of the law.
Privacy, Trust, and the General Data Protection Regulation (GDPR) Robertas Tamosaitis Microsoft Business Solution Sales Specialist E-mail: rtamosa@microsoft.com This presentation is intended to provide
More informationGet the Most Out of GoAnywhere: Achieving Cloud File Transfers and Integrations
Get the Most Out of GoAnywhere: Achieving Cloud File Transfers and Integrations Today s Presenter Dan Freeman, CISSP Senior Solutions Consultant HelpSystems Steve Luebbe Director of Development HelpSystems
More informationCipherPost Pro. Secure communications simplified. Feature Sheet
Feature Sheet CipherPost Pro Secure communications simplified CipherPost Pro is a powerful, secure, cloud-based communications and information management solution that enables regulated and non-regulated
More informationSolarWinds Mail Assure
TECHNICAL PRODUCT DATASHEET SolarWinds Mail Assure Email Protection & Email Archive SolarWinds Mail Assure provides best-in-class protection against email-based threats, such as spam, viruses, phishing,
More informationProtection Service with Continuity
EveryCloud Email Protection Service Cloud Based Anti-Spam, Anti-Virus and Business Email Management. Block spam and email viruses in the cloud before they reach your network, whilst taking control of your
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationDocument Title: IT Security Assessment Questionnaire
Page 1 of 5 Complete all required fields to the best of your knowledge; incomplete forms will not be reviewed. Project Summary Subject Matter Expert (SME) Information Name: Telephone Number: Email: Job
More informationSecure communications simplified
Secure communications simplified Cirius is a powerful, secure, cloud-based communications and information management solution that enables regulated and non-regulated organizations to effectively protect,
More informationIBM dashdb for Analytics
Service Description IBM dashdb for Analytics This Service Description describes the Cloud Service IBM provides to Client. Client means the company and its authorized users and recipients of the Cloud Service.
More informationOSIsoft PI Cloud Services Privacy Statement
OSIsoft PI Cloud Services Privacy Statement Last updated: December 2016 Scope This notice applies to the use of those services and any other OSIsoft services that display or link to this notice. These
More informationChecklist: Credit Union Information Security and Privacy Policies
Checklist: Credit Union Information Security and Privacy Policies Acceptable Use Access Control and Password Management Background Check Backup and Recovery Bank Secrecy Act/Anti-Money Laundering/OFAC
More informationISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045
Solution Brief 8815 Centre Park Drive, Columbia MD 21045 About delivers business critical software and services that transform high-volume cryptic log data into actionable, prioritized intelligence that
More informationEnterprise SM VOLUME 1, SECTION 5.7: SECURE MANAGED SERVICE
VOLUME 1, SECTION 5.7: SECURE MANAGED EMAIL SERVICE 5.7 SECURE MANAGED EMAIL SERVICE (SMES) [C.2.10.8] The Level 3 Team s (SMES) will meet or exceed the Government s requirements for SMES, as defined in
More informationKerio Cloud. Adam Bielawski. Cloud Hosted Enterprise-Class , Calendars, Contacts, Tasks, and Instant Messaging. Twitter LinkedIn Facebook
Kerio Cloud Cloud Hosted Enterprise-Class Email, Calendars, Contacts, Tasks, and Instant Messaging Twitter LinkedIn Facebook Presented by Adam Bielawski June 15, 2016 Why Kerio? Kerio provides safe, simple,
More informationJuniper Vendor Security Requirements
Juniper Vendor Security Requirements INTRODUCTION This document describes measures and processes that the Vendor shall, at a minimum, implement and maintain in order to protect Juniper Data against risks
More informationPROTECT WORKLOADS IN THE HYBRID CLOUD
PROTECT WORKLOADS IN THE HYBRID CLOUD SPOTLIGHTS Industry Aviation Use Case Protect workloads in the hybrid cloud for the safety and integrity of mission-critical applications and sensitive data across
More informationVirtustream Cloud and Managed Services Solutions for US State & Local Governments and Education
Data Sheet Virtustream Cloud and Managed Services Solutions for US State & Local Governments and Education Available through NASPO ValuePoint Cloud Services VIRTUSTREAM CLOUD AND MANAGED SERVICES SOLUTIONS
More information