DataMath Enterprise Security Documentation
Overview
The framework for developing an enterprise application has always been based on meeting customer requirements for integration, and interoperability with existing business processes. With governance and compliance becoming a foundational IT process, security has become fundamental for integration.
Data Ladder’s data cleansing and matching solution is in use at public and private institutions all
over the world, so security is paramount.
While it is true that some things are easier to administer through the cloud, security is not one of them. By its very nature, security is something most organizations will want to keep in-house rather than turning over confidential data (even if encrypted) to a cloud provider.
Being an on-premise solution, Data Ladder automatically bypasses the bulk of security concerns. Meaning, the solution is installed behind the client’s own security measures.
Security Benefits: Data Ladder On-premise Software
Whether a company places its applications in the cloud or decides to keep them on-premises, data security will always be paramount. But for businesses in highly regulated industries, the decision is often already made for them. Knowing your data is located within your in-house servers and IT infrastructure also provide more peace of mind anyway.
From a security standpoint, the biggest benefit of Data Ladder software being on-premise is that you have complete control.
With Data Ladder, you have complete control over your data
Data quality software handles confidential business information of all types. Employee social security numbers, accounting and expenses, supply chain management logistics, and other business intelligence that may represent significant value to outside parties. When you host your data quality software on-premise, you control everything, including the security measures used to physical access control.
You won’t be left at risk because a workstation connecting outside the network to the cloud-based data quality solution is not secured enough or has vulnerabilities that can be exploited or an employee at the cloud provider jumped ship with as much data as possible.
Software testing practices for a more secure solution
While our on-premise deployment provides customers working sensitive data considerable peace of mind, we go one step further and have integrated security-testing as part of our DevOps workflows.
The traditional approach of having application security testing as a checkpoint before deployment is no longer efficient since new code is developed and deployed faster than ever before. By shifting security to the beginning of DevOps workflows and embedding security controls as integral parts of the integration/deployment processes, Data Ladder detects security defects earlier on in the process and applies fixes immediately.
Cloud-hosted DataMatch Enterprise instances
If a customer has a DataMatch Enterprise Server license, they have freedom over where they choose to host the software. Where customers require the software to be hosted on the cloud, Data Ladder uses Microsoft Azure, ensuring top-of-the-line security and compliance.
Compliance framework and offerings include but are not limited to:
CSA Star Attestation
ISO/IEC 27001
FISC
UK G-Cloud
CSA Star Certification
ISO 9001
EU Model Clauses
SOC 1 & SOC TYPE 2 Report
ISO IEC 27018
PCI DSS
EU-US Privacy Shield
SOC Type 3
HIPAA/ HITECH Compliance
Security
Encryption
Microsoft uses encryption technology to protect your data while at rest in a Microsoft database and when it travels between user devices and Cloud App Security datacenters.
Identify and Access Management
Microsoft Cloud App Security enables you to limit access of administrators to the portal based on geolocation using Azure Active Directory. It’s possible to require multi-factor authentication to access the Microsoft Cloud App Security portal by using Azure Active Directory.
Permissions
Microsoft Cloud App Security supports role-based access control. Office 365 and Azure Active Directory Global admin and Security admin roles have full access to Cloud App Security, and Security readers have read access.
Data Location
Microsoft Cloud App Security currently operates in datacenters in the United States and Europe (each a “Geo”). Your tenant account will be created in a Geo based on the country you chose when you signed up. Specifically, your data will be stored in a data center in the Geo nearest to that location.
Transparency
Microsoft provides transparency about its practices:
Sharing with you where your data is stored.
Affirming that your data is used only to deliver agreed-upon services.
Specifying how Microsoft engineers and approved subcontractors use this data to provide services.
Microsoft uses strict controls to govern access to customer data, granting the lowest level of access required to complete key tasks and revoking access when it is no longer needed.
Data Protection
Microsoft Cloud App Security enforces data protection during content inspection. File content isn’t stored in the Cloud App Security datacenter. Only the metadata of the file records and any matches that were identified are stored.
Data Retention
Microsoft Cloud App Security retains data as follows:
Activity Log
180 days
Discovery Data
90 days
Alerts
180 days
Governance Log
120 days
Data Ladder gives you the peace of mind you need to process sensitive data without fear of prying eyes. If you want guidance on how to better secure your own environment, please feel free to contact our solution specialists any time.