Skip to content
BLOG NEWS CONTACT US

StratoKey CCM

Cloud Compliance Management (CCM) delivers complete automated compliance management and reporting for enterprise.

StratoKey CASB

StratoKey Cloud Access Security Broker (CASB) for protecting sensitive data in cloud and SaaS applications.

StratoKey CCM Platform

Platform Overview

End-to-end Compliance for any application.

Compliance Support

HIPAA

Ready to go Health Insurance Portability and Accountability Act pack.

ITAR & CMMC

ITAR and CMMC pack to power your compliance management.

NIST 800-53

NIST 800-53 pack for low, moderate and high baselines.

Compliance Packs

NIST SP 800-53, NIST SP 800-171, GLBA, FERPA, BaFin, PIPEDA, PDPA, Privacy Act.

Compliance Support

NetSuite, Salesforce, ServiceNow

Compliance integrations for NetSuite, Salesforce and ServiceNow.

StratoKey CASB + CCM

Data protection + compliance management.

Compliance as a Service (CaaS)

API for Compliance as a Service.

StratoKey CASB

StratoKey the CASB

Learn how StratoKey operates as a Cloud Access Security Broker for sensitive data in cloud and SaaS applications.

Cloud Data Protection

Delivering a complete, application agnostic, Cloud Data Protection platform through our EMAD™ technology stack.

How StratoKey works

See how StratoKey works to secure data in cloud and SaaS applications.

Featured Integrations

Box

Encryption, Monitoring, Analytics and Defensive capabilities for Box.

Confluence

Secure content in Confluence (including Cloud) with StratoKey.

Jira

Jira (including Cloud) encryption capabilities to support regulatory compliance.

NetSuite

Encryption, tokenization and anonymization services for NetSuite.

SAP Business ByDesign

Securing SAP Business ByDesign and S/4HANA with StratoKey.

Salesforce

Encryption and tokenization for Salesforce, without breaking your integrations.

ServiceNow

SNOW encryption, tokenization and anonymization. Official Partner.

Slack

Full control over data security through end-to-end encryption for Slack.

Application Agnostic

Highly configurable, field-level encryption and tokenization for any application.
Solutions

Cloud Data Pseudonymization

Anonymization of cloud data, without duplicates, whilst maintaining format.

Cloud Encryption

Standards compliant encryption for any cloud or SaaS application.

Cloud Access Security Brokers

A detailed feature summary of key StratoKey CASB characteristics.

Encryption as a Service (EaaS)

EaaS API with Encryption, Tokenization and Anonymization.
Compliance

HIPAA compliance

Meeting HIPAA compliance requirements for cloud and SaaS.

Data Sovereignty

Solving data sovereignty issues with cloud and SaaS applications.

GDPR compliance

How to ensure your cloud or SaaS application use is GDPR compliant.

Data breach laws

Understanding obligations imposed by data breach laws.

CASB Guide

How the right CASB can assist organizations in securing cloud data, applications and users.

StratoKey White Paper

A technical overview of how StratoKey operates to secure cloud and SaaS applications.

HIPAA Compliance Guide

How to meet stringent HIPAA PHI (Protected Health Information) requirements in the cloud.

GDPR Encryption Guide

What your organization can do to meet GDPR requirements when using cloud and SaaS apps.

Partner Program

Become a StratoKey platform or technical Partner.

Request Live Demonstration

Line up a StratoKey demonstration for your project team.

Contact us for more information

Contact us to discuss your requirements and learn more about StratoKey.

Salesforce Encryption

StratoKey is a CASB that provides Encryption, Monitoring, Analytics and Defensive (EMAD™) capabilities for Salesforce® and Force.com applications. With StratoKey, organizations gain control over their data security through FIPS certified Encryption (and optional Tokenization) that protects the confidential information input into Salesforce. This data protection ensures the information you store in Salesforce is encrypted and you have sole control of the encryption keys. StratoKey helps organizations meet stringent regulatory and compliance requirements (such as HIPAA, ITAR and GDPR) through selective encryption and clearly defined encryption key separation, including on-premise key storage.

Meeting Compliance Requirements

EMAD™ provides organizations with a complete set of powerful security controls designed to prevent data breaches and meet stringent compliance requirements. StratoKey helps organizations meet data privacy requirements specified by HIPAA, ITAR, GLBA, FERPA and GDPR. When an organization deploys StratoKey, in addition to field and attachment encryption, organizations immediately gain real-time user monitoring, security analysis of interactions, detailed audit trails and automated security rule and policy enforcement. This is all provided in a scalable, high-throughput, zero maintenance deployment.

Salesforce Integration

  • star_point Encryption of fields and attachments
  • star_point Lightning and Classic
  • star_point Single Sign On support (SSO)
  • star_point Security Rule and Policy Enforcement
  • star_point Mobile App support
  • star_point Salesforce Data loader
  • star_point High performance, low latency
  • star_point Apex, Trigger, Workflow support

Onshore storage & encryption for regulated Salesforce data

StratoKey has the capability to store locally (onshore) sensitive data that would normally reside in Salesforce. Using the StratoKey onshoring solution, organizations can store any sensitive data in their own database. This database can be hosted either on premise or in a private cloud environment. The StratoKey data onshoring solution is designed to assist organizations in meeting strict data privacy regulations and 'Safe Harbor' requirements.

StratoKey also provides data (field) encryption that can be utilized to control access to sensitive data. Unlike typical SaaS platform encryption, the client has complete control over data decryption. Encryption keys never leave the organizations control and Salesforce (the company) never has access to your encryption keys or decryption capabilities. All encryption and decryption of data is performed by your own StratoKey Gateway, that is hosted in your own infrastructure.

StratoKey solves regulatory compliance requirements that are easily overlooked. Requirements that are not solved by platform encryption, Shield or BYOK.

(1) Data Storage Location: You determine where your sensitive data is stored.

(2) Privacy of data: Encrypting or tokenizing (onshoring) ensures your data is always private and no-one except for the users you directly provision has access.

(3) Offshore support staff: When your data is encrypted or tokenized by StratoKey you control who has access. If you do not provision a user in your StratoKey Gateway, they never see sensitive data in plain text. It's always either encrypted or tokenized.

(4) Government access: By storing or encrypting data locally you prevent third party governments from accessing your sensitive data. In some countries this restriction is required (EU GDPR since Schrems II) by data privacy law.

Contact us to learn more about how we can help you with your Salesforce data protection requirements.

salesforce-gdpr-decryption salesforce-gdpr-encryption
salesforce-encryption-2 salesforce-encryption
DOWNLOAD CASB GUIDE

* EMAD™ is a trademark of StratoKey Pty Ltd.