End-to-end Security
Security concerns on the cloud have been persistent and have, in part, limited the cloud's fullest potential. While cloud providers offer a level of infrastructure security, data and application security on the cloud is still incomplete. Ultimately, it remains the end user's responsibility to ensure complete protection of their information on the cloud, so their data and application deployments are not accessible by third parties.
Designed by security experts and validated by Global 2000 companies, CliQr uses proven security technologies to add a complete layer of security for cloud deployments. With CliQr, data and applications are visible only to the end user and cannot be accessed by any other party, including the cloud provider or CliQr. CliQr's security features include:
- End-to-end Data Encryption
- Secure Key Management
- Network Isolation
- Multi-user Access Control and Permissions
- Hybrid Cloud Integration
- Audit Event Logging
A Secure Cloud Application Management Platform
The CliQr CloudCenter™ platform provides end-to-end data and application security for cloud deployments. CliQr keeps data encrypted at all times—both at rest and in motion. In addition, both the cloud keys and the keys used for encrypting data are maintained and stored by CliQr inside a secure database vault. These keys can be unlocked only by the end user's CliQr password. As a result, the keys do not need to be downloaded and stored locally, where they might be breached or stolen. If requested by the end user, or required by a regulatory mandate, CliQr allows administrators to download and store the keys.
CliQr further protects deployments by implementing its CloudCenter Orchestrator to deploy application VMs with the correct network settings so the applications are protected by a firewall from any external parties. These settings may be customized during application on-boarding. CliQr's security technology is designed to integrate with other on-premises security and/or systems management tools and processes.
Security Begins with Managing Data
CliQr provides a Storage Agent that can be downloaded from the CliQr platform. The Storage Agent can be installed on premises and used to securely communicate with a business's shared cloud storage(s) in order to streamline and secure uploading and downloading of data. CliQr also securely synchronizes shared data storages that a business might have deployed on multiple cloud environments. CliQr's Storage Agent is invoked using the business's confidential CliQr credentials, which generate a unique encryption key that allows a storage sync (download or upload) session to start. Data in a storage sync session is compressed and encrypted using the session's encryption key, which is destroyed after the synchronization session is complete. This process and technology ensures that the data cannot be accessed by any other party (including CliQr or the cloud provider).
Hybrid Cloud Integration
Real-world enterprise-class cloud deployments often involve the active connection and coordination of applications, data sources, and services that reside on premises or on a cloud. Securely integrating these hybrid environments is critical to cloud security.
CliQr's patent-pending CloudCenter Connect™ is a secure service proxy that allows businesses to selectively access applications and private services (such as a database, licensing, printing, etc.) securely from any cloud deployment. This feature can be enabled by downloading and installing CliQr's CloudCenter Connect behind a business' firewall. Once configured, the selected application or service(s) residing in an on-premises private cloud or on a bare metal environment can be accessed from external private or public clouds.
CloudCenter Connect is also unique in that it requires no changes to firewall settings. Instead, it relies on unique secure tunneling, which allows selective access to desired on-premises applications, data sources, and services by the application deployed on the cloud without having to open the corporate network through a VPN.
