Data Security

Security Whitepaper: Google Apps Messaging and Collaboration Products

Security Whitepaper

Google Apps Messaging and Collaboration Products Introduction The security of online services is a topic of increasing interest to enterprises as the number of third party hosted service o!erings has expanded in recent years. The emergence of various “cloud computing” concepts and definitions has highlighted not only questions about data ownership and protection, but also how various vendors of cloud computing technologies build and implement their services. Security experts, end-users and enterprises alike are all considering the security implications of the cloud computing model.

Google Apps (comprising Gmail, Google Calendar, Google Docs, and other web applications) provide familiar, easy to use products and services for business settings. These services, characterized by redundant computing environments and dynamic resource allocation, enable customers to access their data virtually anytime and anywhere from Internet-capable devices. This computing environment — often called the “cloud” — allows CPU, memory and storage resources to be shared and utilized by many customers while also offering security benefits.

Google provides cloud services reliably due to its experience with operating its own business, as well as its core services like Google Search, in a similar manner. The security controls that isolate data during processing in the cloud were developed alongside the core technology from the beginning. Security is thus a key component of each of our cloud computing elements, such as compartmentalization, server assignment, data storage, and processing.

This paper will explain the ways Google creates a security-based platform for o!ering its Google Apps products, covering topics like information security, physical security and operational security. This exploration will demonstrate how security is an integral component of Google’s cloud computing system, as well as a core element of Google’s design and development processes. The policies described in this paper are detailed as of the time of authorship. Some of the specifics may change over time as we regularly innovate with new features and products within Google Apps.

How to Evaluate the Data Security Capabilities of Cloud-Based Services

Executive Summary

One of the critical issues in evaluating cloud- based services is data security. Cloud-based services today can be compared to Internet banking. Consumers were initially afraid that online banking would make them more vulnerable to fraud or identity theft. Now that online security technologies have improved, online banking is actually safer than getting paper statements in the mail.

Likewise, using a cloud-based service supplier instead of operating your own internal system can be a major step toward becoming liberated from serious security issues. However, you must choose your provider wisely. Suppliers must demonstrate that they have the optimal technologies, infrastructures and processes in place to ensure data security. And each healthcare facility needs to require evidence that patient data is protected at all levels and stages of the workflow – from duplicate disaster recovery copies and physical protection of the data center to data transmission, storage, and user access.

It’s important to understand the four key components of data security: availability, integrity, confidentiality, and traceability. Data availability ensures continuous access to data even in the event of a natural or man-made disaster or events such as fires or power outages. Data integrity ensures that the data is maintained in its original state and has not been intentionally or accidentally altered. Data confidentiality means information is available or disclosed only to authorized individuals, entities, or IT processes. And data traceability means that the data, transactions, communications, or documents are genuine and that both parties involved are who they claim to be.

All components of data security must be maintained at the following three levels:

  1. The physical infrastructure of the data center;
  2. The hosted application that manages data; and
  3. The policies and procedures to maintain continuous security in the cloud.

Fortune 50 Bank Division Implements Deduplication Technology for Storage Optimization Across Their IT Infrastructure


In today's already constrained datacenters, deduplication technology yields storage footprint and cost savings. IT executives are reporting significant reductions in storage costs from several perspectives including capacity, physical footprint, power, and cooling. Additionally, deduplication is an extremely relevant and timely technology as datacenter consolidation and virtualization often result in the rearchitecture of traditional backup processes. In particular, virtualization drives changes across the IT infrastructure encompassing server, network, storage, and data protection initiatives. As firms look to replace tape with disk-based approaches to data protection, the economic advantages of data deduplication cannot be overlooked.

The leading supplier of data deduplication technology from a real-world
implementation and market penetration perspective is Data Domain. Although it is difficult to define a typical installation (because Data Domain has installations across many industries and within many types of application workloads and capacities), the customer represented in this case study in many ways has characteristics that make it "ripe" for data deduplication. These include a technology refresh for backup hardware, a requirement to improve backup windows, a move to disk-based backup and archive, and initiatives to virtualize the environment.


This IDC Buyer Case Study describes the implementation of Data Domain's
deduplication storage systems at a division of a Fortune 50 financial services firm. In 2007, this firm evaluated deduplication technology from several vendors in an effort to optimize storage infrastructure and reduce backup disk capacity while also improving backup processes and data protection/recovery. The bank selected Data Domain to do its superior dedup ratio (in proof of concept [POC] testing and also once deployed)
and starting in March 2008 did a several month "phase-in" implementation of these storage systems across 13 datacenters (both primary and disaster recovery sites).

Egnyte Security Architecture White Paper


Security, it’s the number one concern of businesses when adopting new technologies involving company data. As businesses move their data digitally, they are faced with increasing risks and costs from data intrusions. With the absence of a company-sponsored file sharing platforms, more employees are seeking unsafe consumer solutions, which can lead to data breaches. To regain control of company data, businesses need a file sharing platform with comprehensive end-to-end data protection. Egnyte offers a unique hybrid cloud solution with enterpriseclass security and privacy; providing businesses with secure file sharing, access, storage and backup. 

Egnyte is focused on complete end-to-end data protection through the five stages of security: Physical, Network, Transmission, Access, and Data. In addition to providing maximum security under each category, Egnyte continually maintains state-of-the-art technology and performs ongoing threat management.

Physical Security

Data Center
End-to-end security starts with the ability to physically protect the servers where data resides. Egnyte provides this first line of defense by housing file servers in industry-leading Tier II, SSAE 16 compliant colocation facilities that feature 24-hour manned security, biometric access control, and video surveillance. All servers reside in private cages that require physical keys to open. All data centers hosting these servers are audited annually for potential  risks and limitations.

Egnyte Security Architecture White Paper

A Primer on Electronic Document Security: How Document Control and Digital Signatures Protect Electronic Documents


This white paper is intended to provide the reader with a brief overview of relevant  document security issues and technologies, as well as to introduce the Adobe suite of document security solutions. The white paper also summarizes Adobe implementations for document control and digital signatures.

Executive Summary

As organizations move more business processes online, protecting the confidentiality and privacy of information used during these processes, as well as providing authenticity and integrity, are essential. Because many automated processes rely on electronic documents that contain sensitive information, organizations must properly protect these documents. Many information security solutions attempt to protect electronic documents only at their storage location or during transmission. However, these solutions do not provide protection for the entire lifecycle of an electronic document. When the document reaches the recipient, the protection is lost, and the document can be intentionally or unintentionally forwarded to and viewed by unauthorized recipients.

A significantly more effective solution is to protect a document by assigning security parameters that travel with it. Six criteria must be met in order to provide more effective protection for an electronic document throughout its lifecycle:

1 Confidentiality
2 Authorization
3 Accountability
4 Integrity
5 Authenticity
6 Non-repudiation

The two major security techniques used to establish these six document security criteria are document control and digital signatures.

Improve the Security of Your Data!

<p>There is a security threat lurking in your business right now and you may not even be aware of it. Your office copiers <img style="margin: 10px 10px 9px 0px; display: inline; float: left" title="iStock_000006913526Small" alt="iStock_000006913526Small" align="left" src="" width="158" height="105" />and multifunction printing devices have the ability to scan and store documents so they can be retrieved down the road without need for the original document. While this is a very convenient feature for most, if left unchecked when the equipment leaves your office, it can quickly become a serious security risk.</p> <p>When you sell your office copiers or return them to the manufacturer after your lease is up, oftentimes the hard drives in the units will remain untouched. This means that down the road, someone with the correct toolset could decode your data. It is imperative that you take the steps to secure your data before it is too late! </p>

Update Your Protocols to Maximize Security

<p>The security of your documents and client information is one of the most important facets of your business. Without <img style="background-image: none; border-right-width: 0px; margin: 10px 10px 10px 0px; padding-left: 0px; padding-right: 0px; display: inline; float: left; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="iStock_000002968116XSmall" border="0" alt="iStock_000002968116XSmall" align="left" src="" width="87" height="129" />the ability to properly secure your information, you leave yourself liable for loss of the information. There are a number of ways that you can further protect your data to ensure that your confidential materials stay safe. Data security is vital to your business, and can be enhanced by:</p> <p><b>Maintaining Copier Data:</b> <br />Periodically wiping the data from the hard drives of your copiers will prevent your data from being stolen down the road. Usually, decommissioned copiers do not go through any sort of memory wipe, which means your data may sit unsecured until someone with the right tools retrieves it. </p>

Update Your Protocols to Maximise Security

<p>The security of your documents and client information is one of the most important facets of your business. Without the ability to properly secure your information, you leave yourself liable for loss of the information. There are a<img style="background-image: none; border-right-width: 0px; margin: 10px 0px 10px 10px; padding-left: 0px; padding-right: 0px; display: inline; float: right; border-top-width: 0px; border-bottom-width: 0px; border-left-width: 0px; padding-top: 0px" title="j0309600" border="0" alt="j0309600" align="right" src="" width="101" height="142" /> number of ways that you can further protect your data to ensure that your confidential materials stay safe. Data security is vital to your business, and can be enhanced by:</p> <p><b>Maintaining Copier Data:</b> <br />Periodically wiping the data from the hard drives of your copiers will prevent your data from being stolen down the road. Usually, decommissioned copiers do not go through any sort of memory wipe, which means your data may sit unsecured until someone with the right tools retrieves it. </p>

PCI and Data Security The Prioritized Approach and a Look Ahead

The Payment Card Industry (PCI) Security Standards Council™ guides the efforts of Chief Information Security Officers, Compliance Officers, and others who protect cardholder information for payment card issuers, merchants, banks, processors, and service providers. The Council's PCI Data Security Standard (DSS) is a comprehensive set of requirements for security infrastructure, policies, and practices, intended to improve the security of cardholder and account data throughout the industry.

As the PCI Council completes its fifth year of operation, this paper reviews:

• successes and setbacks of the PCI Data Security Standard

• implications of the Council's new Prioritized Approach to DSS

• practical steps professionals can take to improve data security and maintain PCI DSS compliance

• effects of emerging technologies and legislation

This paper is an update and guide, not a tutorial on PCI DSS. Readers new to the standard should consult the excellent materials1 available from the PCI Security Standards Council itself, or one of the many introductory guides available from solution providers.

Compliance and Security
Few doubt that PCI DSS has helped standardize industry security practices and improve data protection. Often cited as a model for industry self-regulation, DSS helps card brands, issuing banks, merchants, and others reduce direct losses from fraud, and risks of reputation loss and litigation from data security breaches. Industry members comply with the standard out of direct financial self-interest, or indirectly to support the interests of powerful partners. DSS has been especially effective at improving security practices on the industry's front lines. In the words of Ellen Richey, Chief Risk Officer for VISA, "More than 90% of the largest card accepting merchants and about 97% of processors in the United States have validated compliance with PCI. The companies that fully embrace it are protecting themselves every day by maintaining their defenses, scanning systems, detecting anomalies and addressing threats."3


Subscribe to RSS - Data Security