uniscon.de

iDGARD: Secure Collaboration and File Exchange via patented Sealed Cloud TechnologyPresentation, August 2017

uniscon.de

Uniscon at a Glance• Founded 2009 (Munich Technology Centre, MTZ)• Tech leader in web security• R&D and data centres in Germany• Approximately 40 employees• Customers in all industriesAbout Uniscon GmbHUniscon develops and und operates secure Cloud solutions and services:• Security technology for Cloud computing patented world-wide(IaaS, PaaS, SaaS)• Technical exclusion of service provider (provider security)• Data remain protected even during processing in data centre• Contents and connection information (meta-data) are protected

uniscon.de

Solution: „Sealed Cloud“ Technology Technology ensures best privacy� Technology excludes serviceprovider access – unique� Data protected even during processing –„sealed processing“� User completely controls any access to dataTechnische Versiegelung des Rechenzentrums� Certified by TÜV Nord in highest privacy category III, i.e. also compliant for professional secrets� Approved by German public data privacy authorities� Best in class privacy

uniscon.de

� Sealed Cloud allows cloud even for highly sensitive applications– Technology excludes even administrative access per se – Patents cover the full stack from hardware up to application software– Uniscon operate their own data centres in Munich and Nuremberg

� iDGARD: first Sealed Cloud solution – secure data rooms and file exchange– Software-as-a-Service (SaaS) for business collaboration– First service complying with highest level of “Trusted Cloud Data protection Profile – TCDP” (German privacy regulation)– iDGARD users may share or store sensitive data - such as personal data

� Sealed Cloud-based portfolio grows– Sealed Freeze (available) freezes sensitive data, ECJ-compliant:e.g., for data retention in telecoms, CCTV videos, medical patient data– Sealed Analytics (ongoing project) allows “Big Data” with sensitive data lakes– Sealed Platform (under development) secures critical cloud applications

Sealed Cloud Technically Protects Critical Applications– More Securely than a Private Cloud

uniscon.de

ServiceSolutionPlatformSolutionManaging technical policy enforcement for sensitive dataProviding highest protection for business collaborationEnabling privacy compliant Big DataCloud upgrading for critical applicationsSealed Cloud Protects Critical Applications:Compliant with EU General Data Protection Regulation Available fromUniscon, twin-solutionby TelekomAvailable from Uniscon,operated by TÜV SÜDProductive in joint project Uniscon / Continental AGUnder development(sponsorship: Federal Ministry of Economics)

uniscon.de

File Exchange, Data Rooms & Business Collaboration –Comfortable, Productive, SecureDokumente sicher online speichern & austauschenProjektarbeitsbereiche & revisionssichere DatenräumeSecure exchange of documents, messages, chatProject work spaces & audit-proof data roomsDesignerERP, ERM CADSales rep Team coordinatorFinancial auditorField service Construction supervisorProcurementSupplierConsultantLawyerUnique features:(a) Data centre operator excluded from access – patented(b) Unique protection of content as well as meta-data – certified� Patents granted in Europe, U.S., China� Provided from a German data centre� Certified at highest level - Protection Class III – Trusted Cloud Data Protection Profile� Protects professional secrets – compliant for physicians, lawyers, auditors, … (TCDP V0.9 –protection classIII)for highest protection class in Clouds

uniscon.de

Sealed file transfer(instead of limited FTP solutions)Sealed messaging(instead unprotected email)Sealed data rooms (team and project rooms)(instead of …)Sealed chat(instead of …)Secure mobile access to files and messages(instead of …)Secure scheduling of appointments(instead of …)Sealed machine-to-machine data rooms(instead of complex VPN networks and open ports)iDGARD: Application Scenarios

uniscon.de

How do you access iDGARD? iDGARD Productivity Tool(Windows client for synchronization, messaging & more)iDGARD Apps(iOS, Android, Blackberry) File Explorer(Network drive by WebDAV)BrowserAvailable everywhereOutlook Add-inEmails & attachments via iDGARD MS Office Add-in (Beta available)Direct editing of documents Further options: iDGARD SharePoint Connector, iDGARD Productivity Tool for server, …

uniscon.de

How to create a Privacy Box?• Employee / user (full license) may create box:

− Create Privacy Box− Invite internal and external members to box− Determine user rights for each memberPrivacy Box:

• Virtual, secure network drive• Directories & sub-directories• Documents• Messages• Chat• Scheduling of appointments• Upgrade to data room possibleiDGARD Privacy Box = secure storage / work space fordocuments, messages, team collaborationDocuments / files

• Any format• Size up to 5 GB per fileChat• One chat room per box• Chat- messages for all box membersMessages• Texts similar to email• Stored like documents in thecurrent directory

uniscon.de

Internally ExternallyEmployeeAdministrator exchange files Permanent guestExternal user invited to join project roomread files One-time reading accessTemporary guestEmployeeiDGARD: Convenient Application

uniscon.de

WindowsClientiDGARDEMS*AD Domain/Intranet iDGARD useActive Directory/ LDAP � User rights stored in LDAP/AD� User enjoys iDGARD via single sign-on (SSO)– iDGARD session per click on icon:iDGARD authentication via proxy agent– User may use iDGARD instantly– Also home office, mobile devices (VPN or UN/PW)

� Option:– Floating licenses / pay-per-use– Saves costs: 1 licence for various users

DMZ Internet* Enterprise Management System

iDGARD: Open LDAP / Active Directory Integration

uniscon.de

IDGARD: Secure Collaboration forSME & Large-Scale Enterprises Starter PackageCompanies with ~ 100 users Premium Packagefor enterprises� Flexible management per Web portal� Instant response� Monthly use-based invoicing� Guest licences for external partners, for bi-directional communication & real-time teamwork � Integration per LDAP/Active Directory

� Online single sign-on� Predefined rights for LDAP groups� Integration into business processes (connectors, Web service APIs)� Concurrent licences� Guest licences for external partners, for bi-directional communication & real-time group collaboration� Optional detailed accounting

� Option: Added protection against document forwarding / relaying & audit-proof journals � Optional added protection against document forwarding / relaying & audit-proof journals https://www.idgard.de/liste-der-idgard-funktionen/

uniscon.de

iDGARD Solutions Automatic reporting per APIIntegration into educational softwareAutomatic verification & transfer of ID pictures to registration offices Cloud based, automatic attachment transfer

uniscon.de

� “Versiegelte Cloud” perfectly fills a gap in Deutsche Telekom’s service portfolio– Business SaaS to store and share sensitive data – Positioned as part of the Magenta Security Suite – Meets legal privacy obligations in Germany even for critical applications– DT‘s Sealed Cloud data centre may deliver additional Sealed applications, tooDeutsche Telekom Offers iDGARD Twin-Service„Versiegelte Cloud“: White Label iDGARD Produced in DT Data Centre

uniscon.de

iDGARD Trusted Cloud Data Privacy Certificate:Comparable Security & Exoneration of UsersProtection Class IIGerman „Trusted Cloud Data Privacy Profile“ (TCDP)References to date become mandatory:ISO/IEC 27002:2013, ISO/IEC 29100:2011, ISO/IEC27018:2014 � In the past: various cloud provider standards were incomparable� Now: TCDP certification: ensures protection classes, comparability, binding legal consequencesISO/IEC 27001:2013 orBSI IT-Grundschutz (base protection per Federal Office of Information Security) Result:Providing organization is compliantResult:(a) Privacy demands met(b) Cloud user control obligations metLegal Requirements(German Data Protection Act, future EU data protection decree) Protection Class ConceptDemands Classes I – IIIRequirements Classes I - IIIGeneral FrameworkCertification* and ResultProtection Class IIIProtection Class IProtection Class III of TCDP certification is running a pilot with iDGARD.

uniscon.de

� The EU General Data Protection Regulation (GDPR) aligns national approaches– Incorporates national regulations such as German TCDP – Adds new obligations such as “privacy by design”– Will be mandatory in the EU starting 2018

� GDPR is an opportunity for Sealed Cloud to expand internationally– Sealed Cloud complies with GDPR and is ready for EU and other countries– Economies of scale: international deployment and centralised production– iDGARD today is available in English, German, French, Italian, Spanish– Prepared to add more languages – also non-European and barrier-free user interfaces

Sealed Cloud is Ready for EU-wide Deployment… … though EU GDPR Is Superset of Today’s National Rules

uniscon.de

Uniscon GmbH Agnes-Pockels-Bogen 180992 Munich, GermanyeMail: contact@uniscon.dePhone: (+49-89) 4161 5988 -100www.uniscon.dewww.idgard.deContact