At Strafford Technology, we take data security seriously. We leverage Amazon Web Services (AWS) to create a secure cloud hosting environment optimized for our clients’ Enterprise Performance Management (EPM) applications and storage of their sensitive financial data. Many of our Enterprise clients are particularly concerned about data security for regulatory or compliance reasons. As an AWS Consulting Partner, we’ve designed our EPM hosting solutions to meet or exceed these requirements.
When discussing data security on the cloud we need to address two key areas of concern: data-in-motion and data-at-rest. Data-in-motion, (sometimes referred to as data-in-use) is information currently being accessed or transmitted. Data-at-rest is all information being stored physically in digital form, which would include all of the information stored on the cloud in volumes (virtual server hard drives).
We protect data-in-motion with Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) for our connectivity solutions delivered via Virtual Private Networks (VPN), Secure Web Browser (HTTPS), or Microsoft Remote Desktop Services Protocol (RDP). These are the same transmission-encryption techniques deployed by banks for use with online-banking or payment transactions. We also utilize 2-Factor Authentication during the user authentication for each of these connection methods.
The AWS platform allows us to secure data-at-rest with server-side encryption for Amazon S3 volumes. Each volume is encrypted using 256-bit AES encryption, one of the strongest block cipher encryption methods available. The entire encryption process and system is verified and audited regularly by AWS.
Through the proper planning and implementation of this available technology, our clients’ hosted EPM applications are in full compliance with regulatory guidelines around data security.