FAQs about CipherCloud for Office 365

How is CipherCloud for Office 365 sold

CipherCloud products are licensed on a subscription basis, based on the size of the organization (typically measured by users, or throughput). In addition, there are one-time license fees per server, as well as integration services offered as needed.

How is the CipherCloud solution deployed

CipherCloud is deployed as software that can be run on physical servers, virtual servers, or on private cloud instances, such as Amazon Web Services.

How complicated is deployment

Deployment of the CipherCloud platform can be as short as a few weeks to somewhat longer depending on the customer’s requirements and configuration needs. CipherCloud uses a standard phased process including: 1. requirements gathering phase; 2. scope and architectural framework finalization; 3. development and configuration; 4. sandbox testing; 5. production roll-out.

Does CipherCloud for Office 365 support hybrid deployments

Many organizations are migrated from on-premise Exchange to Office 365 in a gradual phased approach. CipherCloud supports hybrid deployments, protecting data that is stored in the cloud, without interfering with the functionality of on-premise mailboxes. CipherCloud also supports Microsoft and third-party migration tools for staged or cut-over migrations.

How is CipherCloud integrated with Office 365

CipherCloud runs independently from Office 365, typically at the perimeter of a customer’s network. CipherCloud is designed to work seamlessly with Office 365 preserving the format and operations of encrypted data that is stored in the cloud, supporting search, sort, and other functions critical to end-users.

What is the relationship between Microsoft and CipherCloud

CipherCloud is a member of the Microsoft partner program and is committed to ongoing tight integration with the Office 365 platform.

Does CipherCloud support spam and malware protection

Yes. CipherCloud supports the built-in anti-spam and anti-malware capabilities of Office 365 for all inbound traffic. CipherCloud supports custom spam and malware policies, quarantines, and user-self management of quarantined email.

Does CipherCloud support custom mail routing

Yes. CipherCloud supports custom routing of any outbound mail as well as secure outbound messaging, conditional mail routing, hybrid mail routing and inbound safe lists.

Does CipherCloud support advanced mail recipient features

CipherCloud supports a wide range of advanced mail recipient features including out-of-office replies, capacity alerts, MailTips, contacting linking to social networks.

Does CipherCloud support Office 365 reporting and trouble-shooting tools

CipherCloud supports most Office 365 Admin Center reports including delivery reports, message tracing, auditing reports, and unified messaging reports.

Can CipherCloud encrypt attachments

Yes. CipherCloud can encrypt text in most types of attachments including Word, Excel, PowerPoint, and PDF.

What type of encryption does CipherCloud use

CipherCloud uses standards-based AES 256-bit encryption. The AES (Advanced Encryption Standard) was established by U.S. National Institute of Standards and Technology (NIST) in 2001 and is deployed by the U.S. Government and organizations globally. AES is a symmetric-key algorithm, using the same set of keys for encryption and decryption.

How does CipherCloud’s encryption differ from SSL encryption

Encryption can be used in many different contexts, for very different purposes. For example, SSL creates a secure tunnel from an individual browser to an external web server. This is standard practice for online transactions such as banking or e-commerce (every time you see “https:” URL). This is an important component of overall security, but only secures the tunnel – not the content. Cloud providers (on the other end of the tunnel) still receive and process data in the clear. CipherCloud secures the actual content – regardless of how it is delivered or where it resides.

How does CipherCloud’s encryption differ from encryption solutions offered by cloud vendors

Some cloud providers offer encryption of data at rest while in their servers, but many do not. However, even if data is encrypted by the cloud provider, they typically decrypt data during any type of data processing as they hold the keys. This leaves the data vulnerable to rogue insiders, mismanagement or forced legal disclosure, and many legal experts agree that this is not adequate for regulatory compliance. By comparison, with CipherCloud’s solution, the encryption keys never leave the organization, assuring compliance and protection of the data.

Has CipherCloud’s encryption been certified or validated by third-parties

AES encryption has been certified by NIST under FIPS 197 and CipherCloud is in the final certification process for FIPS 140-2. The AES standard has been publicly published and extensively reviewed and tested by many independent organizations. In addition, CipherCloud’s implementation has gone through rigorous testing, code review and validation by dozens of major enterprise customers including the world’s largest banks.

How are encryption keys managed

CipherCloud provides enterprise key management in compliance with NIST SP 800-57 standards. Multiple key storage options enable keys to be stored securely in the CipherCloud or stored separately on a KMIP-compliance key management server. Keys in CipherCloud remain encrypted at all times, and can be split keys between multiple custodians (to reduce internal threats), rotated, and expired without affecting legacy data.

How is encrypted data still searchable

CipherCloud provides granular control over the level of encryption and search-ability for specific pieces of information. Data can be encrypted on a per-field or per-word basis with industry standard AES 256-bit encryption. In addition, CipherCloud provides options for local indexing of selected data to optimize search functions. All of these options can be fine-tuned to meet the searching and maximum security requirements of each type of data.

FAQs about CipherCloud

Who uses CipherCloud

CipherCloud solutions have been sold to companies in over 14 countries and 10 industries. CipherCloud protects over 2 million end-users with over 250 million records.

What types of industries use CipherCloud

CipherCloud has been deployed in a range of industries that have regulated or proprietary information. These include financial services, banking, insurance, healthcare, pharmaceuticals, hi-tech, and government.

Who founded CipherCloud

CipherCloud was founded by Pravin Kothari in 2010. Pravin is the CEO of CipherCloud and is a security visionary with more than 20 years of experience building industry-leading companies and bringing innovative products to market. Pravin was the Founder & CTO of Agiliance, a leading Security Risk Management company, and Co-founder & VP Engineering of ArcSight, a leading security company, which was acquired by HP for $1.6 billion. Previously, Pravin was Co-founder & Chief Architect at Impresse Corporation and also held technical leadership positions at Verity, Attachmate, and Tata Consultancy Services. Pravin holds over a dozen patents in security technologies and is the inventor behind CipherCloud’s groundbreaking cloud encryption technology.

Pravin had the foresight to sense an opportunity in protecting sensitive enterprise information in the cloud and across multiple clouds.

Is encryption required by government regulations

Most regulations do not specify technology, although Payment Card Industry Data Security Standard (PCI-DSS) compliance does require encryption. However, increasingly privacy, financial, and healthcare regulations are recognizing that if organizations encrypt data adequately, and maintain possession of their encryption keys, then they can qualify for a “safe harbor” exemption from breach notifications laws.

What compliance regulations has CipherCloud been used to meet

CipherCloud has been deployed by customers to help meet regulations from the US Government (GLBA, SOX, PCI, HIPAA, HITECH, FISMA, FERPA, and others), US states (CA-1386 and similar privacy laws in 46 states), European Union (EU Data Protection Directives), UK (ICO regulations), Canada (PIPEDA, FOIPPA, PIPA), Australia (Privacy Amendment Act), and similar laws in more than 50 countries.

How does CipherCloud deal with legal disclosure laws such as the US Patriot Act

Law enforcement in almost any country can compel cloud providers to turn over customer data, sometimes without even notifying the customer. This can be very problematic for customers with data that is protected by privacy laws, especially when that data crosses national boundaries. CipherCloud solutions solve this problem, putting organizations in exclusive control over any legal disclosures. Most organizations prefer (and are required to) disclose data precisely, and accurately, based on their legal obligations, but do not want third-party providers making these decisions for them.

Can’t CipherCloud be required to turn over encryption keys – just like a cloud provider

No. CipherCloud never has access to a customer’s encryption keys unless specifically requested for support purposes. All encryption keys are generated after the software has been deployed at a customer’s site, and new keys can be generated and rotated by customers as frequently as needed.

What countries does CipherCloud operate in

CipherCloud is headquartered in San Jose, California (USA) with offices in the United Kingdom, Australia, and partners throughout North America, Europe, Asia, and Latin America.