Webinar: Enable ServiceNow with Data Security, Visibility, and Compliance

© 2014 CipherCloud | All rights reserved. 1© 2014 CipherCloud | All rights reserved.

CipherCloud Webinar -Enable ServiceNow with Data Security, Visibility, and Compliance

Glenn Cobb, VP of Cloud Security

Solutions, Americas

© 2014 CipherCloud | All rights reserved. 2

Webinar Agenda

• How CipherCloud for ServiceNow can expand use of ServiceNow for business processes that handle private, sensitive, or regulated data

• Use Case: How Thales is ensuring data protection worldwide as they move from on-premises to ServiceNow in the cloud

• A live demo of CipherCloud for ServiceNow using HR work flows as an example

http://www.google.com/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&uact=8&docid=u9LcIXKBt6Sj1M&tbnid=L0YKDxcTQCpzcM:&ved=0CAYQjRw&url=http://www.swivelsecure.com/wins-gold-and-bronze-at-the-9th-annual-2013-security-industrys-global-excellence-awards/&ei=MSEfU5LUC8Og2AWElYGIDQ&bvm=bv.62788935,d.b2I&psig=AFQjCNECe15qZ3g0h94AHf5HshYzqXcM0A&ust=1394635422403902


ServiceNow Next Generation

With CipherCloud Using Encryption to Unlock Broader Adoption of ServiceNow Across the Enterprise for Everything



ChileProtection of Personal Data Act

ArgentinaPersonal Data Protection Act,Information Confidentiality Law

South AfricaElectronic Communications and Transactions Act

Australia

National Privacy Principals, State Privacy Bills, Email Spam and Privacy Bills

New Zealand

Privacy Amendment Act

PhilippinesPropose Data Privacy Law

CanadaPIPEDA, FOIPPA, PIPA

US StatesBreach notification in 46 states

TaiwanComputer-Processed Personal Data Protection

Hong KongPersonal Data Privacy Ordinance

JapanPersonal Information Protection Act

South KoreaNetwork Utilization and Data Protection Act

European UnionEU Data Protection Directive,State Data Protection Laws

IndiaInformation Technology Act

United KingdomICO Privacy and Electronic Communications Regulations

USA FederalCALEA, CCRA, CIPA, COPPA, EFTA, FACTA, ECPA, FCRA, FISMA, FERPA, GLBA, HIPAA, HITECH, PPA, RFPA, Safe Harbor, US PATRIOT Act

Brazil

Article 5 of Constitution

ColombiaData Privacy Law 1266

MexicoPersonal Data Protection Law

MoroccoData Protection Act Thailand

Official Information Act B.E. 2540

EuropePrivacy laws in 28 countries

SingaporePersonal & Financial Data Protection Acts

© 2014 CipherCloud | All rights reserved

IsraelProtection of Privacy Law (PPL)

Aruba, CuraçaoData Protection Acts

Where Cloud Data Resides and What Laws Apply


The Cloud is changing everything

• Driving Innovation with new tools and capabilities

• Reducing Cost with scale economy and efficiencies

• Adding Challenges for compliance & governance



Expanding ServiceNow with Data Security

Accelerate Adoption

Increase Efficiency

Optimize Productivity



What CipherCloud Customers are doing with ServiceNow

Implement and deliver internal HR services and workflows

HR

Efficiently deliver secure multi-customer IT outsourcing services

Services

Leveraging the cloud and addressing sensitive data protection

Governance



Williams, Samantha, 734 Maple StreetBurlington, VT, [email protected] Preferred, 4468-3198-3244-7297,married, 3 dependents, FICO score 742

Strongly Encrypt, Preserve Functionality

જFଡ# る KM 回 5ঘKઋ] 今 6} ,જFଡ# る KM回 5ঘKઋ] 今 6} VT, 입 ણ= 时 @間 %ଯV. ଌত K5VBত2ଌKuঘ5 시 , 4K8G-E69N-03WD-7297ढଯVBতଌમK5 시 5ਲ 間 મऑ પఌખ7gଌਲ6H

Name

Card #

City

Email

4K8G-E69N-03WD-7297

જFଡ# る KM 回 5ঘKઋ] 今6}

ਲ6Hપ 时 ऊમથ す ঘખ, VT

입 ણ= 时 @間 %ଯV.তଌK5

Name

Card #

City

Email

Authorized users enter and access data in the clear

Williams, Samantha

4468-3198-3244-7297

Burlington, VT

[email protected]

High-performance encryption at the enterprise gateway Encryption keys never

leave the enterprise

Wide range of encryption options for each data field

Advanced capabilities provide high performance searching, sorting and reporting

Only vendor to achieve FIPS 140-2 validation


Unauthorized User

Authorized User


Enterprise Grade Key Management

• 140-2 NIST Compliant key store• Store keys securely on the CipherCloud platform

• Multiple levels of protection on the platform• Split-keys and multiple custodians to address internal threats

• Keys remain encrypted on disk at all times

• Ability to derive unique keys for each encryption scheme

• Advanced key lifecycle management• Key rotation without affecting legacy data

• Intelligent workflow to manage key expiration



CipherCloud Encryption Key Storage

Secure key store

Server password-protected

Encrypted configuration file Encryption keys

Keys Protected in Compliance with NIST SP 800-57 Standards


ServiceNow Capabilities

• Service Now Releases Supported• Dublin• Eureka• Fuji

• Supports the following functionality• IT Service Automation

Asset Management, Configuration Management

Incident Management, Problem Management

Resource Management

Service Catalog

Enterprise , Case, and HR Service Automation

Customization of the above components



Audit Logging and Malware Detection

• Integrated Audit Logging • User, Admin, System logging

• Can integrate with SEIM or other reporting tools

• Transaction level information on who, what, when, from where

• Malware Scanning• Scanning of all attachments on upload

• High volume and performance

• Partnership with BitDefender product



Corporate Network Deployment

• CipherCloud can be deployed in a single tier or multiple tier environment

• Can be located in DMZ for external access

• Can be placed in second tier behind a DMZ based proxy

• Load Balancing is recommended in round robin mode• F5 or similar load balancers allow for regional or geographical

distribution

• Supports Hot/Cold or Hot/Hot Standby

• Multiple Gateways work in a cluster mode to provide high availability and performance

• Supports Inbound and Outbound email notifications



Multi Tier Network Deployment of CipherCloud

ServiceNow

Web Proxy

System Admins

Enterprise Boundary

SAML

Email Gateway

API/Web Services

ServiceNow Connector

Encryption Key Mgmt. Malware

CipherCloud Gateway

SSM

Key Store / HSM

Internal Users

Remote Users

UAM

Tier 1 (DMZ)A web proxy can be deployed in front of the CipherCloud gateway in the network DMZ.

Tier 2 (Network)Most gateway components can be deployed at the network layer allowing internal and administrator access.

Tier 3 (Database)key stores can be located behind additional layers of network security.

Management Console

Browser


Customer Success – Thales Defense & Security

Implementation Highlights

• Partnered with KPMG

• Encrypted 150+ data fields

Benefits• Immediate cost

savings

• Supports growth strategy & agility

• No data centers or developers

QUICK FACTS• A global leader

in Aerospace, Defense, Transportation, and Security

• 65,000+ employees

“Using CipherCloud technology with ServiceNow enables us to leverage all the benefits that SaaS Cloud providers afford and has transformed our approach to delivering IT services!”

Danny GreenDirector, CIO Office, Thales UK

ServiceNow & CipherCloud

• The ideal cloud platform

• Maintained full functionality

• FIPS 140-2 validated crypto


CipherCloud – Cloud Access Security Broker

DISCOVER Assess Risk Posture

Clou

d Se

rvic

esCl

oud

Risk

Rati

ngs

Clou

d DL

P

PROTECTProtect Data

Encr

yptio

nTo

keni

zatio

nAn

ti-m

alw

are

MONITOROngoing Visibility

Use

r Acti

vity

Anom

alie

sCo

mpl

ianc

e

Open Integration Framework

Cloud App Controls, Mobile App Controls

High-Performance, Stateless Proxy

Enterprise BoundaryExternal User

External User


500+ Employees

Company

3.0+ MillionActive Users

13 Industries

25 Countries

7 Languages

P 13 Patents

About CipherCloud

Solutions

Cloud DiscoveryCloud DLP

Strong EncryptionTokenization

Activity MonitoringAnomaly Detection

Customers

5 out of 10Top US Banks

3 out of 5Top Health Providers

Top 2 GlobalTelecomm Company

40% of GlobalMail Delivery

Largest USMedia Company

3 out of 5Top Pharmaceuticals


Questions?

Click to Watch On-demand Webinar : Enable ServiceNow with Data Security, Visibility, and Compliance

For additional information :• Website: www.ciphercloud.com• Email: [email protected]• Phone: +1 855-5CIPHER

Glenn CobbVP Cloud Security Solutions - Americas

[email protected]

Twitter.com/ciphercloud

Youtube.com/user/CipherCloudVideo

Linkedin.com/company/ciphercloud

Facebook.com/ciphercloud

Connect with Us!

http://pages.ciphercloud.com/enable-servicenow-with-data-security-visibility-compliance-on-demand-landing-page.html?Slideshare



mailto:[email protected]

https://twitter.com/ciphercloud

https://in.linkedin.com/company/ciphercloud