Skip to navigation, content
Cloud computing has revolutionized the way organizations around the world manage their business and data, but it has also brought a unique set of concerns, especially when it comes to security. And while some businesses are quick to embrace the scope and convenience of the cloud, others remain hesitant because of fear about data breaches and cybercrime.
For everyone, the challenge of security remains paramount. That’s why Teradata Cloud delivers across-the-board service and support for every facet of cloud security, including physical, network, data protection, monitoring, and access controls.
So what would it mean to have a cloud security solution that encompasses the very latest in best practices? For starters, you could rest assured that vital information is protected by the strictest International Standards Organization (ISO) security standards and that security efforts are managed proactively by a skilled team of experts.
Teradata understands that any successful cloud security solution requires close collaboration between you and your cloud service provider. We know it’s critical that your organization has a program that covers everything from data governance and compliance to cloud user access.
We also recognize the necessity of having cloud security training available for all employees or contractors who have access to the cloud. Plus, it’s equally important to establish a data breach policy and to know your cloud provider’s incident response plan. And finally, you need the ability to audit your provider on a regular basis. Teradata’s Consulting Services security team is ready to assist you in any or all of those areas.
The Teradata Cloud service environment has been designed and built to meet the high security control standards set forth in FedRAMP, PCI, HIPAA, SSAE-16, and ISO 27001 requirements as well as the cloud-specific best practices outlined by the Cloud Security Alliance (CSA). See Figure 1.
When it comes to physical protection of the data center infrastructure powering Teradata Cloud service, we offer comprehensive support. This includes access control systems, alarm systems, administrator logging, two-factor authentication, codes of conduct, confidentiality agreements, background checks, and monitoring of visitor access. We log and monitor all physical access to the facility to detect and prevent potential security incidents. And we regularly review access logs to pinpoint any suspected unauthorized facility access then document such events and coordinate review and investigation with Teradata Corporate Security.
Our Tier 4 Certified Data SSAE-16-compliant hosting facility is staffed 24 x 7 x 365 and offers complete video surveillance with best-in-class monitoring and fire safety controls. In addition to ensuring that every system component entering or exiting our data center facilities has been authorized, documented, monitored, and controlled, each Teradata Cloud facility meets or exceeds applicable requirements for emergency power, emergency power shutoff, emergency lighting, fire protection, temperature and humidity controls, and water damage protection.
As part of our access protection policy we assign a risk designation to every Teradata Cloud operations position and establish screening criteria for individuals who fill those posts. Our program screens individuals prior to authorizing access and makes sure signed agreements are in place before access is assigned. The Teradata Cloud solution also enforces password complexity, stores and transmits only encrypted password representations, and sets minimum and maximum lifetime restrictions on those passwords.
Additionally, we offer a stringent re-approval process that includes:
Teradata Cloud includes two layers of network security defense. The first layer consists of ingress and egress filtering control lists applied to our Internet border routers; these lists have been configured as ‘deny-by-default’ and limit connectivity. Robust application firewalls make up the second layer of defense.
Teradata also configures your site-to-site VPNs (Virtual Private Networks) to terminate on the cloud firewalls and we set ACLs (Access Control Lists) to define which traffic may be transported across your tunnel. Any traffic not matching an “approved traffic” ACL will be blocked.
Teradata Cloud service encrypts and secures your data whether it’s coming, going, or at rest. For data in transit, we support secure connections between your application and your database. Cloud systems are accessible via IPsec VPN tunnels to your data center infrastructure, which provides an additional layer of security over open-access Internet-based connectivity. For extra protection you can also choose to use MPLS (Multiprotocol Label Switching) or P2P (point-to-point) circuits to connect to Teradata Cloud.
For data at rest, we utilize self-encrypting drives on dedicated database servers. There is also an optional “Enhanced Service” for column-level encryption which allows a database administrator to encrypt and control access to rows/columns within the database.
To make it easier for you to proactively detect cyber-attacks and policy violations, Teradata Cloud’s security monitoring process intelligently collects and correlates all security-relevant events. Network devices such as border routers and firewalls send intrusion events to our Security Information and Event Monitoring (SIEM) system. When the SIEM detects an intrusion attempt, it responds appropriately based on the type of event detected.
The only storage media used in the Teradata Cloud environment are hard disk drives and primary memory used in Teradata Cloud devices or the storage media you supply for loading your data. These media are stored in locked cabinets within the physically-controlled data center. All media is sent to the data center via secure courier or by another delivery method that can be accurately tracked.
As part of our decommissioning support, the Teradata Cloud operations team performs the following actions:
To help strengthen your disaster recovery and business continuity efforts, the Teradata Cloud operations team maintains a contingency plan that identifies essential missions and business functions along with associated contingency requirements. We also provide recovery objectives, restoration priorities, and related metrics and address contingency roles and responsibilities.
The disaster recovery and business continuity plan, which Teradata tests and reviews regularly, also shows you how to maintain vital missions and business functions despite potential information system disruption, compromise, or failure.
Why should you trust the security parameters protecting Teradata Cloud service? With a proud 35-year history of delivering industry-shaping database solutions, we understand the intricacies and importance of network security, access, management, monitoring, and control. Only Teradata brings you an unparalleled blend of technology, insight, and innovation. Our unique combination of industry knowledge, consulting expertise, analytic applications, and world-leading software offers everything you need to assess and maintain your security needs while enjoying the most effective cloud data warehouse and analytic environment available.
Read how two companies cut costs and gained more flexibility
Hear how Teradata Cloud enables SGN to drive its business forward
Learn how nine customers are using Teradata Cloud. A must read!
Understand the essential characteristics; everything else is noise.
A great primer on what it is and why you should care. Click to learn!
Contact us for insights and answers to your questions.
Teradata Cloud Info