Your SlideShare is downloading. ×
0
The Navajo Systems vision:  To expand the use of cloud computing by  eliminating the entry barriers of data privacy  and r...
Navajo Code TalkersAmerica’s secret weapon in WWII
Navajo in the News
Analyst Recognition
SaaS is all around usThe “traditional” enterprise vendors            are coming in
Saas Industry Consensus #2 “Security is the number one issue affecting the adoption of cloud services.” Dan Yachin IDC - 2...
Can We Trust our SaaS Providers?
Relevant Data Security Regulations • Health Insurance Portability and Accountability Act (HIPAA) • Sarbanes Oxley (SOX) • ...
Cloud                                            ComputingCloud computing is about gracefully losing control while   maint...
Virtual Private     SaaS
The Customer Control Concept
VPS: A Revolutionary Concept  Customer is in control of its data privacy  Real-time encryption of sensitive SaaS data  Sen...
Navajo VPS Use Case
Client sends data to VPS
Step 1: Detect Sensitive Data
Step 2: Encrypt Sensitive Data
Step 3: Receive Data from App     5: Store Encrypted Data     4: Send Encrypted Data                     Encrypted Data   ...
Step 7: Decrypt and Present Data     6: Detect Encrypted Data
Step 8: Search and Query Data
Live Demo Real-time Encryption of Sensitive SaaS Data: 1. Contacts 2. Accounts 3. Reports  SaaS application functionality ...
Listed on Salesforce’s AppExchange
Processing Encrypted Data  “...safe harbor provisions in laws and regulations  treat lost encrypted data as not lost at al...
Virtual - Private SaaS
VPS Server Architecture       HTTP Proxy               SMTP Proxy                Pop3 Proxy                    SaaS       ...
VPS Server Architecture       HTTP Proxy               SMTP Proxy                Pop3 Proxy                    SaaS       ...
VPS Server Architecture       HTTP Proxy               SMTP Proxy                Pop3 Proxy                    SaaS       ...
VPS policy Data Flow           HTTP Proxy             SMTP Proxy &             Pop3 Proxy            SaaS Integration     ...
One InfrastructureMultiple Application
SaaS Integration       Mail Transfer                      API                Agent      VPS    Appliance                  ...
Comparison of Data Confidentiality             Risk   Eaves-      Database   Identity   Server                    dropping...
With VPS, SaaS Customers will…    • Retain complete control over      sensitive data    • Eliminate data privacy concerns ...
Dr. David Movshovitz -  Navajo SaaS
Dr. David Movshovitz -  Navajo SaaS
Dr. David Movshovitz -  Navajo SaaS
Dr. David Movshovitz -  Navajo SaaS
Dr. David Movshovitz -  Navajo SaaS
Upcoming SlideShare
Loading in...5
×

Dr. David Movshovitz - Navajo SaaS

1,125

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,125
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
39
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Transcript of "Dr. David Movshovitz - Navajo SaaS"

  1. 1. The Navajo Systems vision: To expand the use of cloud computing by eliminating the entry barriers of data privacy and regulatory compliance. Founded in 2009 by experts in the fields of information security and back by Jerusalem Venture Partners a leading Israeli venture capital fund with over $780 million under management
  2. 2. Navajo Code TalkersAmerica’s secret weapon in WWII
  3. 3. Navajo in the News
  4. 4. Analyst Recognition
  5. 5. SaaS is all around usThe “traditional” enterprise vendors are coming in
  6. 6. Saas Industry Consensus #2 “Security is the number one issue affecting the adoption of cloud services.” Dan Yachin IDC - 2008 “Privacy concerns and laws or other domestic or foreign regulations may reduce the effectiveness of our solution and adversely affect our business.” SalesForce 2008 Annual Report “The security models being used three or four years go are not the kind well be using in the future.” Steve Purser, deputy director of European Union network security agency
  7. 7. Can We Trust our SaaS Providers?
  8. 8. Relevant Data Security Regulations • Health Insurance Portability and Accountability Act (HIPAA) • Sarbanes Oxley (SOX) • Childrens Online Privacy Protection Act (COPPA) • Family Educational Rights and Privacy Act (FERPA) US State Regulations • Californias AB 1950 and SB1386/CC1798 • Nevada NRS 597.970 • Massachusetts 201 CMR 17.00 • Floridas HB 481 • Georgias SB 230 The controller himself needs to • Illinois HB 1633 • New Yorks AB 4254 GUARANTEE compliance with • Pennsylvanias SB 712 • Utahs SB 69 all data protection regulations. International Regulations • The Payment Card Industry Data Security Standard (PCI DSS) and Check 21 Act • UK Data Protection Act • Canadas Personal Information Protection and Electronic Documents Act (PIPEDA) • International government and banking regulations for the European Union, United Kingdom, Israel, South Africa, Australia and Singapore
  9. 9. Cloud ComputingCloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties (CSA Guideline 2.0) What can we do?
  10. 10. Virtual Private SaaS
  11. 11. The Customer Control Concept
  12. 12. VPS: A Revolutionary Concept Customer is in control of its data privacy Real-time encryption of sensitive SaaS data Sensitive data remains encrypted while at rest SaaS application functionality is unaffected Out-of-the-box policy configuration No need to modify the SaaS application*Patent pending technology
  13. 13. Navajo VPS Use Case
  14. 14. Client sends data to VPS
  15. 15. Step 1: Detect Sensitive Data
  16. 16. Step 2: Encrypt Sensitive Data
  17. 17. Step 3: Receive Data from App 5: Store Encrypted Data 4: Send Encrypted Data Encrypted Data Customer name : eso01992 Social security no : add3441asdad E-mail : asfd34@cdaf.wqeerq.wdqw Address : edqew213ada Parent account : adcae87asf Credit card no : adwew.edwe.eqe.qeqe Phone no : 432-2424-242-234
  18. 18. Step 7: Decrypt and Present Data 6: Detect Encrypted Data
  19. 19. Step 8: Search and Query Data
  20. 20. Live Demo Real-time Encryption of Sensitive SaaS Data: 1. Contacts 2. Accounts 3. Reports SaaS application functionality is unaffected 1. Search for data 2. Sort contacts 3. Run Reports
  21. 21. Listed on Salesforce’s AppExchange
  22. 22. Processing Encrypted Data “...safe harbor provisions in laws and regulations treat lost encrypted data as not lost at all.” –Cloud Security Alliance , December 2009
  23. 23. Virtual - Private SaaS
  24. 24. VPS Server Architecture HTTP Proxy SMTP Proxy Pop3 Proxy SaaS Apache & MTA Integration API Administration Policy Management *Encryption Engine Sort and Search Enabled Search Enabled Encryption Encryption Standard Encryption File encryption Format-preserved Encryption*Based on NIST-standard algorithms
  25. 25. VPS Server Architecture HTTP Proxy SMTP Proxy Pop3 Proxy SaaS Apache & MTA Integration API Administration Policy Management *Encryption Engine Sort and Search Enabled Search Enabled Encryption Encryption Standard Encryption File encryption Format-preserved Encryption*Based on NIST-standard algorithms
  26. 26. VPS Server Architecture HTTP Proxy SMTP Proxy Pop3 Proxy SaaS Apache & MTA Integration API Administration Policy Management *Encryption Engine Sort and Search Enabled Search Enabled Encryption Encryption Standard Encryption File encryption Format-preserved Encryption*Based on NIST-standard algorithms
  27. 27. VPS policy Data Flow HTTP Proxy SMTP Proxy & Pop3 Proxy SaaS Integration Apache MTA API Policy *Encryption Engine Sort and Search Enabled Search Enabled Encryption Encryption Standard Encryption File encryption Format-preserved Encryption SaaS / PaaS Vendor
  28. 28. One InfrastructureMultiple Application
  29. 29. SaaS Integration Mail Transfer API Agent VPS Appliance Corporate LAN/WAN VPSInternet as a Service SaaS provider facilities SaaS Application Servers
  30. 30. Comparison of Data Confidentiality Risk Eaves- Database Identity Server dropping/ Theft Theft Hacking Solution Tampering TLS / SSL VPN Virtual Private Cloud Database Encryption Firewall SAS-70 Navajo – VPS
  31. 31. With VPS, SaaS Customers will… • Retain complete control over sensitive data • Eliminate data privacy concerns • Eliminate data regulation concerns • Reduce the expense of SaaS solution audits
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×