Information Security Layer

 

The information security layer in O3 will draw on Symantec's comprehensive data-loss prevention (DLP) and Pretty Good Privacy (PGP) encryption portfolio to protect the data, but it will not be available at the product launch, Schneider said.

The DLP component handles user and device authentication before granting access to the cloud. It also checks on what information is being sent out. If a piece of data is subject to Payment Card Industry Data Security Standard (PCI DSS) requirements, that information is protected accordingly before being sent out.

All confidential information leaving the organization is encrypted before being stored in the cloud, offering businesses an extra layer of security while using cloud applications. Since O3 manages the user, employees cannot sidestep the security controls by logging in from a nonauthorized device-such as a home computer or a mobile device-since the data will remain encrypted.

O3 also offers monitoring capabilities, and it alerts administrators and appropriate business stakeholders of any significant security events, as well as providing a full picture of what is going on across all cloud services. Organizations also can see how internal policies, such as password length and how information is being stored, are being enforced. Then the system generates documentation proving regulatory compliance.

"In time, there will be more and more features and functions exposed to the cloud so that you can have exactly the same visibility and control that you have today," Schneider said.