CipherCloud has delivered new data protection capabilities for SAP SuccessFactors. The solution is built on CipherCloud’s Cloud Access Security Broker (CASB) platform. This will enable customers to ensure that all data is encrypted. It will also provide them with key management capabilities. These features will appeal to customers who are struggling to deal with increasingly complex global data privacy and protection requirements.
Dev Ghoshal, senior vice president of Global Alliances & Customer Success, CipherCloud said: “We are very excited to be the CASB player chosen by SAP to help drive adoption of SAP SuccessFactors solutions. Our team has collaborated closely with SAP to develop a solution that enables customers to confidently adopt the cloud, while maintaining exclusive control over their sensitive data and complying with an increasingly complex web of data privacy requirements like GDPR.”
Privacy and data protection becoming harder
Moving data to the cloud is easy. Protecting data and staying compliant with a constantly changing landscape of privacy and data protection regulation is not. Companies working internationally often have to meet multiple sets of rules, some of which are contradictory. While cloud providers are quick to offer cloud-based security services these are not always sufficient. In addition it is not legally permissible to outsource responsibility for data protection to a third party. This means that any breach of the cloud providers systems could also expose the customer to legal issues.
To deal with this there is a need for companies to play an active role in the protection of their data. One way is to control how their data is encrypted. Companies are increasingly encrypting their data. The problem is that with most cloud providers this means using encryption provided by the cloud provider. This means that they get to control the encryption keys. The danger with this is that law enforcement can require the cloud provider to hand over data without the customer knowing.
As part of this deal, CipherCloud is deploying its Active Encryption product. This allows customers to take control of their encryption keys. It prevents the keys being shared outside the enterprise and meets data protection standards.
CipherCloud is also making it easier for companies to use data masking and apply protection to all levels of data. This is essential as privacy laws expand the scope of Personally Identifiable Information (PII). Recently the European Court of Justice decided that dynamic IP addresses were PII as they could be combined with other data to identify individuals. The EU General Data Protection Legislation (GDPR) is due to come into force soon with draconian fines for privacy breaches. CipherCloud and SAP SuccessFactors are making it easier to avoid those fines.
Moving from an on-premises solution to a cloud-based means reviewing data protection and privacy policies. Most companies will go with the advice of their cloud provider. In the case of encryption this is not enough. CipherCloud is enabling companies to take their encryption keys with them when they move to the cloud. This will help protect their data and reduce the risk of large fines.