Dr. David Movshovitz - Navajo SaaS
Transcript of Dr. David Movshovitz - Navajo SaaS
![Page 1: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/1.jpg)
![Page 2: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/2.jpg)
The Navajo Systems vision:
To expand the use of cloud computing by
eliminating the entry barriers of data privacy
and regulatory compliance.
Founded in 2009 by experts in the fields of information security
and back by Jerusalem Venture Partners a leading Israeli
venture capital fund with over $780 million under
management
![Page 4: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/4.jpg)
Navajo in the News
![Page 5: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/5.jpg)
Analyst Recognition
![Page 6: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/6.jpg)
SaaS is all around us
The “traditional” enterprise vendorsare coming in
![Page 7: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/7.jpg)
“Security is the number one issue affecting the adoption of cloud
services.”Dan Yachin IDC - 2008
“Privacy concerns and laws or other domestic or foreign regulations
may reduce the effectiveness of our solution and adversely affect our
business.”SalesForce 2008 Annual Report
“The security models being used three or four years go are not the
kind we'll be using in the future.”Steve Purser, deputy director of European Union network security agency
Saas Industry Consensus #2
![Page 8: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/8.jpg)
Can We Trust our SaaS Providers?
![Page 9: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/9.jpg)
![Page 10: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/10.jpg)
![Page 11: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/11.jpg)
![Page 12: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/12.jpg)
Relevant Data Security Regulations
• Health Insurance Portability and Accountability Act (HIPAA)
• Sarbanes Oxley (SOX)
• Children's Online Privacy Protection Act (COPPA)
• Family Educational Rights and Privacy Act (FERPA)
US State Regulations
• California's AB 1950 and SB1386/CC1798
• Nevada NRS 597.970
• Massachusetts 201 CMR 17.00
• Florida's HB 481
• Georgia's SB 230
• Illinois' HB 1633
• New York's AB 4254
• Pennsylvania's SB 712
• Utah's SB 69
International Regulations
• The Payment Card Industry Data Security Standard (PCI DSS) and Check 21 Act
• UK Data Protection Act
• Canada's Personal Information Protection and Electronic Documents Act (PIPEDA)
• International government and banking regulations for the European Union, United Kingdom, Israel, South Africa, Australia and Singapore
The controller himself needs to GUARANTEE compliance withall data protection regulations.
![Page 13: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/13.jpg)
Cloud computing is about gracefully losing control while maintaining accountability even if the operational responsibility falls upon one or more third parties
(CSA Guideline 2.0)
What can we do?
Cloud Computing
![Page 14: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/14.jpg)
Virtual Private
SaaS
![Page 15: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/15.jpg)
The Customer Control Concept
![Page 16: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/16.jpg)
VPS: A Revolutionary Concept
Customer is in control of its data privacy
Real-time encryption of sensitive SaaS data
Sensitive data remains encrypted while at rest
SaaS application functionality is unaffected
Out-of-the-box policy configuration
No need to modify the SaaS application
*Patent pending technology
![Page 17: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/17.jpg)
Navajo VPS Use Case
![Page 18: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/18.jpg)
Client sends data to VPS
![Page 19: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/19.jpg)
Step 1: Detect Sensitive Data
![Page 20: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/20.jpg)
Step 2: Encrypt Sensitive Data
![Page 21: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/21.jpg)
Step 3: Send Encrypted DataStep 4: Store Encrypted DataStep 5: Receive Data from App
Encrypted Data Customer name : eso01992
Social security no : add3441asdadE-mail : [email protected]
Address : edqew213adaParent account : adcae87asf
Credit card no : adwew.edwe.eqe.qeqePhone no : 432-2424-242-234
![Page 22: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/22.jpg)
Step 7: Decrypt and Present Data Step 6: Detect Encrypted Data
![Page 23: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/23.jpg)
Step 8: Search and Query Data
![Page 24: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/24.jpg)
Real-time Encryption of Sensitive SaaS Data:
1. Contacts
2. Accounts
3. Reports
SaaS application functionality is unaffected
1. Search for data
2. Sort contacts
3. Run Reports
Live Demo
![Page 25: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/25.jpg)
Listed on Salesforce’s AppExchange
![Page 26: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/26.jpg)
Processing Encrypted Data
“...safe harbor provisions in laws and regulations treat lost encrypted data as not lost at all.”
–Cloud Security Alliance , December 2009
![Page 27: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/27.jpg)
Virtual - Private SaaS
![Page 28: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/28.jpg)
VPS Server Architecture
HTTP ProxyApache
SMTP Proxy & MTA
Pop3 Proxy SaaS Integration
API
Administration
Policy Management
*Encryption Engine
Standard Encryption Format-preserved Encryption
Search Enabled Encryption
File encryption
Sort and Search Enabled Encryption
*Based on NIST-standard algorithms
![Page 29: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/29.jpg)
VPS Server Architecture
HTTP ProxyApache
SMTP Proxy & MTA
Pop3 Proxy SaaS Integration
API
Administration
Policy Management
*Encryption Engine
Standard Encryption Format-preserved Encryption
Search Enabled Encryption
File encryption
Sort and Search Enabled Encryption
*Based on NIST-standard algorithms
![Page 30: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/30.jpg)
VPS Server Architecture
HTTP ProxyApache
SMTP Proxy & MTA
Pop3 Proxy SaaS Integration
API
Administration
Policy Management
*Encryption Engine
Standard Encryption Format-preserved Encryption
Search Enabled Encryption
File encryption
Sort and Search Enabled Encryption
*Based on NIST-standard algorithms
![Page 31: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/31.jpg)
VPS policy Data Flow
HTTP ProxyApache
SMTP Proxy & MTA
Pop3 Proxy SaaS Integration
API
Policy
*Encryption Engine
Standard Encryption Format-preserved Encryption
Search Enabled Encryption
File encryption
Sort and Search Enabled Encryption
SaaS / PaaS Vendor
![Page 32: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/32.jpg)
One Infrastructure
Multiple Application
![Page 33: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/33.jpg)
Mail Transfer Agent
SaaS Integration API
Corporate LAN/WAN
SaaS provider facilities
Internet
VPS Appliance
VPS as a Service
SaaS Application Servers
![Page 34: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/34.jpg)
Comparison of Data ConfidentialityRisk
Solution
Eaves-dropping/Tampering
Database Theft
IdentityTheft
ServerHacking
TLS / SSL
VPN
Virtual PrivateCloud
DatabaseEncryption
Firewall
SAS-70
Navajo –VPS
![Page 35: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/35.jpg)
With VPS, SaaS Customers will…
• Retain complete control over
sensitive data
• Eliminate data privacy concerns
• Eliminate data regulation concerns
• Reduce the expense of SaaS
solution audits
![Page 36: Dr. David Movshovitz - Navajo SaaS](https://reader033.fdocuments.us/reader033/viewer/2022052411/5575a1b3d8b42aff598b4cc9/html5/thumbnails/36.jpg)