San Diego, CA (PRWEB) January 08, 2014
Reliable protection of your client's Personally Identifiable Information (PII) is one of the primary hurdles facing IT departments when looking to an external solution for their organization's CRM needs.
The Cimmaron XAP platform is built upon a security architecture that uses two levels of data encryption and a certificate management design unique to the industry because of its ability for clients to manage their own private key via the Cimmaron CloudCrypt technology.
"We are especially proud not just of our technology, but of the policies and procedures we have developed to deal with key management, key protection, physical protection, and so on."
Senior Software Architect
SSN and other vulnerable contact data is encrypted both in the database and optionally through certificates held at the client site. This provides protection in cases where the outer layers of security (firewalls, web servers, etc.) may be comprised.
With CloudCrypt, our customer's IT department holds control over certificate management by maintaining the private keys used to decrypt their client's data. This approach provides a way to extend corporate security practices and policies outside their own network and into an externally hosted CRM solution. The customer decides which users can decrypt the client's critical PII data and with this method only the organization, not Cimmaron, has access to the private key.
Private keys can be deployed using GPO, logon scripts, or any other way that domain assets are distributed. Lastly, keys can be marked as non-exportable and pin protected on the client machines, providing the ultimate in data protection.
There are two methods for setting up this type of protection:
◦ Windows licenses
◦ External hard drives
◦ USB media
◦ DVD destruction equipment
◦ Best practices document
◦ Implementation checklist
◦ Off-site and on-site professional service support
Visit http://www.cimmaronsoftware.com for more information regarding implementation and pricing.