CipherCloud is a vendor that provides a cloud access security broker (CASB) platform, along with a number of security services, aimed at helping organizations secure their cloud-based applications.
The CipherCloud Platform provides a dashboard that administrators can use to gain visibility into which cloud applications are in use in their organizations, as well as monitor user activity to ensure compliance. An administrator can also use the management platform to establish role-based access controls. The platform can work across a number of cloud applications -- including Salesforce, SAP SuccessFactors, ServiceNow, Adobe Analytics Cloud, Microsoft Office 365, Box, Dropbox and Google Drive -- and can integrate with on-premises systems, including user directories, custom applications and databases.
CipherCloud security technologies
The CipherCloud Platform includes several different security technologies, including:
- Active encryption: Provides persistent encryption of cloud data, as well as granular policy controls;
- Key management: Enables administrators to control and manage encryption keys, including key rotation and expiration;
- Mobile data protection: Allows an administrator to encrypt data on a mobile device, and to ensure only authorized users have access to that data;
- Tokenization: Replaces an enterprise's sensitive data with unique identification symbols for use with cloud apps, while retaining that sensitive data in an on-premises database. This feature is designed for organizations with strict data residency requirements.
- Data loss prevention: Enforces policies to detect possible threats and data leaks;
- Active monitoring: Monitors users, devices and data, and creates reports;
- Malware detection: Scans all content to detect threats, such as viruses and ransomware, and automatically remove them; and
- Shadow IT discovery: Discovers cloud app usage in an organization and assesses risk levels.
CipherCloud protection modes
CipherCloud provides two methods of protection for cloud applications. The first is an inline gateway, which acts as a centralized control point that applies active encryption and tokenization to an organization's data as it moves to the cloud. The gateway provides AES 256-bit encryption, key management services and tokenization.
The second method is API-based protection, which is meant for organizations that cannot always route traffic through an inline gateway because of remote users, mobile access or other reasons. In this model, the CipherCloud Platform integrates and connects with cloud applications through APIs. Administrators can monitor user activity, enforce usage policies and establish encryption practices based on those policies. Machine learning technologies are also used to detect any anomalies in activity.
In addition to its CASB platform, CipherCloud offers three categories of IT security services:
- Implementation services. CipherCloud works with an enterprise to determine its cloud security requirements, and to help with planning, design, deployment and configuration processes for its platform.
- Technical enablement program (TEP). TEP services ensure the CipherCloud Platform is properly managed and maintained. It ensures that all platforms are up-to-date and all policy and governance requirements are met.
- Customer onboarding and adoption program (CAP). CAP combines the implementation and TEP services programs, and is offered to new customers during their first year of use.
These services are performed by CipherCloud architects, consultants and project managers.
CipherCloud also offers training programs to educate enterprises on the platform. The training focuses on topics such as architecture, program management, implementations and system administration. The vendor also offers two certifications: CipherCloud Certified Program Manager and CipherCloud Certified Architect.