Cisco Cisco ScanSafe Web Security Hoja De Datos
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
Page 2 of 4
Data Security
A dedicated Data Team manages and supports the data associated - the only access to data is through this team.
Data is replicated locally and off-site in separate datacenters for DR or replication purposes. Any sensitive data
such as user passwords or private keys is encrypted both in transfer and storage. Other non-sensitive data is not
encrypted when it is stored; it is encrypted only during transfer.
Logical Security
The dedicated Operations Team is sandboxed from corporate networks for administration of the service. The use
of best practice procedures and tools following ITIL workflows ensures secure access to systems.
Centralized auditing and monitoring solutions ensure protection and delivery of service.
Network Security
Cisco CWS uses
Cisco’s firewall products to protect every point of entry. CWS also utilizes other host based
protection measures and auditing tools. Furthermore, Cisco CWS utilizes multiple upstream providers for network
connectivity with DDOS mitigation tools. Full access and traffic monitoring ensures capture and analysis of all
potential attacks against the borders.
Cisco CWS's Stance with Regards to Safe Harbor
Is CWS Compliant with the Health Insurance Portability and Accountability Act (HIPAA)?
Cisco provides a range of security products that can be used by customers to meet many of the requirements
outlined in the HIPAA standards but only if properly configured, maintained, and monitored. Deployment of a single
product or set of products will not, in and of themselves, ensure HIPAA compliance.
Application Security
Customer administration is provided via a secure web portal. Each administrative account is accessed via a unique
username/password and the entire session is encrypted using SSL.
Anonymizing users’ personal details in web logs
In some locations it is necessary to protect users' identity within the reporting logs. This functionality can be
configured through the web filtering policy via a rule with the action of Anonymize, and can be applied globally, or
to specific groups of users (LDAP/AD/directory or custom). When applied, the following actions occur:
●
User identity is still read by the tower at the time a web request is processed.
●
Web filtering policy is applied according to user identity.
●
Prior to the tower forwarding the transaction details to the data warehouse in the Core DC (London), the
following user identity attributes are stripped out:
o
User is replaced with “Undisclosed”
o
Group is replaced with “Undisclosed”
o
Internal IP is replaced with “0.0.0.0”