Navajo Systems aims to expand cloud computing adoption by addressing data privacy and regulatory compliance barriers. It was founded in 2009 by information security experts and is backed by venture capital. Navajo's Virtual Private SaaS solution allows customers to encrypt sensitive data within SaaS applications in real-time, maintaining functionality while keeping data encrypted at rest. This addresses privacy and compliance concerns while keeping customers in control of their sensitive data.

2. The Navajo Systems vision:
To expand the use of cloud computing by
eliminating the entry barriers of data privacy
and regulatory compliance.
Founded in 2009 by experts in the fields of information security
and back by Jerusalem Venture Partners a leading Israeli
venture capital fund with over $780 million under
management

3. Navajo Code Talkers
America’s secret weapon in WWII

4. Navajo in the News

5. Analyst Recognition

6. SaaS is all around us
The “traditional” enterprise vendors
are coming in

7. Saas Industry Consensus #2
“Security is the number one issue affecting the adoption of cloud
services.”
Dan Yachin IDC - 2008
“Privacy concerns and laws or other domestic or foreign regulations
may reduce the effectiveness of our solution and adversely affect our
business.”
SalesForce 2008 Annual Report
“The security models being used three or four years go are not the
kind we'll be using in the future.”
Steve Purser, deputy director of European Union network security agency

8. Can We Trust our SaaS Providers?

12. Relevant Data Security Regulations
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes Oxley (SOX)
• Children's Online Privacy Protection Act (COPPA)
• Family Educational Rights and Privacy Act (FERPA)
US State Regulations
• California's AB 1950 and SB1386/CC1798
• Nevada NRS 597.970
• Massachusetts 201 CMR 17.00
• Florida's HB 481
• Georgia's SB 230
The controller himself needs to
• Illinois' HB 1633
• New York's AB 4254
GUARANTEE compliance with
• Pennsylvania's SB 712
• Utah's SB 69
all data protection regulations.
International Regulations
• The Payment Card Industry Data Security Standard (PCI DSS) and Check 21 Act
• UK Data Protection Act
• Canada's Personal Information Protection and Electronic Documents Act
(PIPEDA)
• International government and banking regulations for the European Union,
United Kingdom, Israel, South Africa, Australia and Singapore

13. Cloud
Computing
Cloud computing is about gracefully losing control while
maintaining accountability even if the operational
responsibility falls upon one or more third parties
(CSA Guideline 2.0)
What can we do?

14. Virtual Private
SaaS

15. The Customer Control Concept

16. VPS: A Revolutionary Concept
Customer is in control of its data privacy
Real-time encryption of sensitive SaaS data
Sensitive data remains encrypted while at rest
SaaS application functionality is unaffected
Out-of-the-box policy configuration
No need to modify the SaaS application
*Patent pending technology

17. Navajo VPS Use Case

18. Client sends data to VPS

19. Step 1: Detect Sensitive Data

20. Step 2: Encrypt Sensitive Data

21. Step 3: Receive Data from App
5: Store Encrypted Data
4: Send Encrypted Data
Encrypted Data
Customer name : eso01992
Social security no : add3441asdad
E-mail : asfd34@cdaf.wqeerq.wdqw
Address : edqew213ada
Parent account : adcae87asf
Credit card no : adwew.edwe.eqe.qeqe
Phone no : 432-2424-242-234

22. Step 7: Decrypt and Present Data
6: Detect Encrypted Data

23. Step 8: Search and Query Data

24. Live Demo
Real-time Encryption of Sensitive SaaS Data:
1. Contacts
2. Accounts
3. Reports
SaaS application functionality is unaffected
1. Search for data
2. Sort contacts
3. Run Reports

25. Listed on Salesforce’s AppExchange

26. Processing Encrypted Data
“...safe harbor provisions in laws and regulations
treat lost encrypted data as not lost at all.”
–Cloud Security Alliance , December 2009

27. Virtual - Private SaaS

28. VPS Server Architecture
HTTP Proxy SMTP Proxy Pop3 Proxy SaaS
Apache & MTA Integration
API
Administration
Policy Management
*Encryption Engine
Sort and Search Enabled Search Enabled
Encryption Encryption
Standard Encryption File encryption Format-preserved
Encryption
*Based on NIST-standard algorithms

29. VPS Server Architecture
HTTP Proxy SMTP Proxy Pop3 Proxy SaaS
Apache & MTA Integration
API
Administration
Policy Management
*Encryption Engine
Sort and Search Enabled Search Enabled
Encryption Encryption
Standard Encryption File encryption Format-preserved
Encryption
*Based on NIST-standard algorithms

30. VPS Server Architecture
HTTP Proxy SMTP Proxy Pop3 Proxy SaaS
Apache & MTA Integration
API
Administration
Policy Management
*Encryption Engine
Sort and Search Enabled Search Enabled
Encryption Encryption
Standard Encryption File encryption Format-preserved
Encryption
*Based on NIST-standard algorithms

31. VPS policy Data Flow
HTTP Proxy SMTP Proxy & Pop3 Proxy SaaS Integration
Apache MTA API
Policy
*Encryption Engine
Sort and Search Enabled Search Enabled
Encryption Encryption
Standard Encryption File encryption Format-preserved
Encryption
SaaS / PaaS
Vendor

32. One Infrastructure
Multiple Application

33. SaaS Integration Mail Transfer
API Agent
VPS
Appliance Corporate LAN/WAN
VPS
Internet
as a Service
SaaS provider facilities
SaaS Application
Servers

34. Comparison of Data Confidentiality
Risk Eaves- Database Identity Server
dropping/ Theft Theft Hacking
Solution Tampering
TLS / SSL
VPN
Virtual Private
Cloud
Database
Encryption
Firewall
SAS-70
Navajo –
VPS

35. With VPS, SaaS Customers will…
• Retain complete control over
sensitive data
• Eliminate data privacy concerns
• Eliminate data regulation concerns
• Reduce the expense of SaaS
solution audits