PerspecSys
Orangeville, Ontario, Canada (www.perspecsys.com )
Analysis by John Pescatore (Gartner Group)
Why Cool: Many enterprises would like to use external SaaS or cloud-based service offerings,
but most such offerings are unable to meet rigorous security, regulatory and privacy requirements
for certain types of sensitive data. PerspecSys's Cloud Data Governance software is transparent
to applications, and allows enterprises to store sensitive information locally, while the rest of the
data is stored by the SaaS or cloud service provider. PerspecSys does not provide encryption for
the data stored locally. (If encryption is required, then it must be done by the local application or
database.) PerspecSys essentially takes a tokenization approach, with an initial offering targeted
at enterprises using the salesforce.com platform. To maintain transparency with salesforce.com,
sensitive data is replaced with placeholder ("token") data before being stored by salesforce.com.
The sensitive data is stored on a local server and reinserted into the data stream whenever it is
retrieved from salesforce.com. This type of approach can allow enterprises to take advantage of
the strength of SaaS and cloud-based offerings without placing sensitive data at risk.
Challenges: Many major SaaS and cloud service providers will eventually obtain security
certification that will enable enterprises to feel more confident about storing sensitive data using
their offerings. "Do it yourself" tokenization approaches from nuBridges, RSA, Voltage Security,
Vormetric and others are already growing in adoption, and they also provide support for the
encryption of information used locally. PerspecSys needs to expand beyond its initial
salesforce.com implementation and offer a "tokenization as a service" capability — directly or
through partners — to stay ahead of the competition.
Who Should Care: Enterprises using salesforce.com for applications that contain confidential or
otherwise sensitive information, but do not have the capability to use salesforce.com encryption
application programming interfaces or to develop their own encryption solutions, should evaluate
PerspecSys.
No comments:
Post a Comment