Back Vantage in the Cloud

Security AWS Azure Google Hybrid

Cloud Data Security As-a-Service

Teradata meets strict cloud data security requirements for Vantage delivered as-a-service

Stay Secure with Teradata Cloud data security is the number one priority when it comes to the Vantage environments Teradata provisions and maintains for customers. Teradata invests in third-party audits to demonstrate regulatory compliance with rigorous standards such as GDPR, PCI, HIPAA, ISO 27001, and SOC 1 and 2.

Teradata expert data security in the cloud

Cloud Security Solutions

Expert protection in the cloud

Cloud computing revolutionized the way organizations manage their data. Customers want as-a-service offerings for Vantage and at the same time there may be anxiety about entrusting intellectual property and IT infrastructure to an external provider.

Get serious about security

Cloud Data Security is the top priority

Teradata recognizes and respects customer concerns. Teradata treats data security as the number one priority for its as-a-service offerings. Industry best practices are overseen by a team of experts empowered to keep threats at bay.

Cloud Security for Vantage Delivered As-a-Service

Download now

Datasheet

Cloud Data Security for Vantage Delivered As-a-Service

Get the details of Teradata data security policies and regulatory compliance certifications.

Download now

Features & Benefits

Data Encryption

Data is encrypted in transit and at rest; additional data protection is available with proven solutions from noted security partners.

Active Directory

As-a-service environments are LDAP ready, or you can use either database authentication or the Active Directory to authenticate database sessions.

Database User Roles

All data stored within as-a-service systems are accessible only by individual user-IDs that are assigned to each of your designated users; the Cloud Operations team does not have access to customer data.

Audited Compliance

Teradata invests in third-party audits to demonstrate regulatory compliance with rigorous security regulations such as GDPR, PCI, HIPAA, ISO 27001, FISC, and SOC 1 and 2.

Stringent Access Control

Teradata access protection policy mandates a risk designation for every Cloud Operations position and thorough screening criteria for all individuals filling those posts.

Two-tiered Cloud Security Defense Plan

Reinforced network security includes border router ingress and egress filtering control lists configured as ‘deny-by-default’ – and beefy application firewalls provide additional defense.

Cloud Security and Monitoring

The Teradata Security Information and Event Monitoring (SIEM) system collects and correlates all cloud security events, facilitating quick detection of cyber-attacks and policy violations.

Storage Device Decommissioning

Hard disk drives and primary memory in as-a-service infrastructure, and the physical storage media used for loading data, are stored in locked cabinets within secure data centers.

Teradata uses the process documented in NIST Special Publication 800-39, Managing Information Security Risk, as the basis for its security risk management program. The Teradata security risk management process focuses on tier 3, information systems view, as defined in the document and is organized as follows:

Risk Framing

Establishing context for risk-based decisions

Risk Assessment

Identifying and assessing security risks

Risk Response

Addressing and mitigating identified risks

Risk Monitoring

Monitoring risks and improving processes

Supply Chain Security Policy Teradata maintains a separate Supply Chain Security Policy reviewed annually. The Security Director reviews all cloud technology components and identifies those items being procured that are critical to maintaining security. These technology products and services are designated as Critical.

Open Source Security Policy Teradata maintains an Open Source Security Policy reviewed annually. All code libraries required for execution are identified and entries in the National Vulnerability Database are noted. Patches for all Critical and High-Risk items in the NVD report are documented and applied to the software.

Assets

GDPR Compliance

The General Data Protection Regulation (GDPR), a regulation in European Union law on data protection and privacy, aims to give individuals control over personal data.

PCI DSS 3.2 Attestation of Compliance

Payment Card Industry (PCI) Data Security Standards (DSS) clarify the online credit card transaction requirements around encryption, access control, change management, application security, and risk management programs.

HIPAA Audit Reports

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) addresses technical and non-technical safeguards that “covered entity” organizations must put in place to secure individuals’ electronic protected health information (e-PHI).

SOC 1 and 2 Audit Reports

Coalfire Controls, LLC performed a Statement on Standards for Attestation Engagements No. 16 (SSAE16 SOC 1) and AICPA Service Organization Controls 2 (SOC 2) Type 2 examination for Vantage delivered as-a-service systems.