Ensuring the security of confidential, sensitive information is an essential element of enterprise Security and Governance, Risk Management and Compliance programs. Regulations and standards such as the Federal Information Processing Standard (FIPS) Publication 140-2, Health Insurance Portability and Accountability Act (HIPAA), the Food and Drug Administration (FDA) 21 CFR Part 11, Sarbanes-Oxley (SOX), Gramm-Leach-Bliley Act (GBLA), Data Protection Directive (EU) and others, place significant requirements on organizations for encrypting content and securely sharing sensitive data such as confidential personally identifiable information (PII) and personal health information (PHI).
An industry first, the kiteworks three-tiered architecture enables secure deployment by allowing the web, application, and storage tiers to be separated and placed anywhere in the network. For example, the web tier can be placed in the DMZ for VPN-less access from mobile devices, while the application and storage tiers can be placed behind the internal firewall. Unique authentication tokens for each tier provide an additional layer of security from intrusions and data breaches.
The kiteworks solution provides security professionals with a corporate solution for securely sharing content across devices that ensures protection of sensitive information and IP, and demonstrates compliance with regulations.
For government agencies requiring FIPS 140-2 validated encryption, Accellion offers a FIPS 140-2 Certified module for private cloud (on-premise or hosted) and hybrid cloud. Accellion has completed the rigorous validation process and obtained certification by the Cryptographic Module Validation Program (CMVP) to meet the security requirements set forth for Federal organizations by the National Institute of Standards and Technology (NIST). Using the FIPS 140-2 module, Accellion can help government agencies meets federal requirements for the protection of data in transit.
Accellion complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland (the “Safe Harbor Frameworks”). Accellion has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Accellion’s certification, please visit http://www.export.gov/safeharbor/
Accellion also supports the US government’s Cloud First policy that mandates that agencies take full advantage of cloud computing. For agencies that utilize Accellion in a private cloud via Amazon Web Services (AWS), AWS has demonstrated it can meet the extensive FedRAMP security requirements and as a result, federal, state, and local government customers can leverage AWS’s secure environment to store and protect sensitive government data.