These days, protecting sensitive data is a key factor in corporate sovereignty.
At a time when companies are increasingly subject to cyber-attacks on their data, guaranteeing the use of approved solutions for sharing and storing data in the cloud is a sign of assurance and confidence.
We are therefore proud to announce that our PARSEC solution is in the process of obtaining CSPN certification from the ANSSI. .
PARSEC is the fruit of work carried out in partnership with the Laboratoire Bordelais de Recherche en Informatique, with funding from the French Ministry of the Armed Forces via the RAPID grant scheme dedicated to dual-use innovations.
Perimeter
The PARSEC solution is a set of free software components available as desktop software for collaborative file management. Secure file sharing is performed via a dedicated user interface, or via a mount point.
PARSEC secures sensitive data before it is stored on public or private clouds. The solution guarantees confidentiality, integrity, historization, access control, non-repudiation, authenticity and concurrent operations management.
The version currently undergoing certification is PARSEC v 2.0.0, available here.
Target
The PARSEC research project was prompted by a strategic vision of the evolution of the cloud and the Internet: data security and secure data sharing are major challenges for the years to come, and perimeter protection of the IT network alone is no longer sufficient to meet data security needs, which are much broader in scope: mobility of players, security in the cloud, guarantees of integrity, confidentiality, responsibility of players, etc. Controlling network traffic no longer guarantees data confidentiality, let alone integrity and authenticity. Controlling network traffic no longer guarantees data confidentiality, let alone integrity and authenticity. Security strategy must become “Zero-Trust”:
- Any network is considered hostile by default;
- Internal and external threats are always present on the network;
- Being part of an internal network is never a guarantee of absolute confidence;
- Every terminal, every user and every network flow must be authenticated and authorized;
- Security policies must be dynamic, and defined from as many data sources as possible.
PARSEC is designed for organizations wishing to build trusted enclaves in the cloud, based on low-cost, low-security cloud infrastructures. PARSEC provides an additional layer of security for a trusted group that already complies with current regulations, particularly those relating to user workstations.
PARSEC enables sensitive or confidential data to be shared over the Internet on a private or public cloud, including from an Internet access point. PARSEC is aimed at technology SMEs, start-ups, consulting firms, R&D entities or independent professionals dealing with sensitive specialties, providing a guarantee of confidentiality, integrity, authenticity and historization for shared data.
Where do we stand?
On April 16, 2020, the PARSEC evaluation file was sent to ANSSI with a view to certification. On September 4, after analysis of the file, the security target for PARSEC v 2.0.0 was validated by ANSSI and registered, enabling us to officially announce that PARSEC is in the process of certification !
The certification audit began on this date, and the technical assessment report is expected within two months of the start date.
We’ll keep you posted!