The protection of sensitive data is nowadays a key issue for the sovereignty of companies.
In a context where companies are increasingly subject to cyber-attacks on their data, the guarantee of using approved solutions for sharing and storage in the cloud is a guarantee of assurance and confidence.
We are therefore proud to announce that our PARSEC solution is in the process of obtaining CSPN certification from the ANSSI .
PARSEC is the result of work carried out in partnership with the Laboratoire Bordelais de Recherche en Informatique (Bordeaux Computer Research Laboratory) with funding from the French Ministry of the Army via the RAPID grant scheme dedicated to dual innovations.
Perimeter
The PARSEC solution is a set of free software components available as desktop software for collaborative file management. The secure sharing is done by mount point or via a dedicated user interface.
PARSEC secures sensitive data before it is stored on public or private clouds. The solution ensures confidentiality, integrity, historization, access control, non-repudiation, authenticity and concurrent operations management.
The version currently being certified is PARSEC v 2.0.0 available here
Target
At the origin of the PARSEC research project, there is a strategic vision of the evolution of the cloud and the Internet: security and secure data sharing are major issues for the years to come and the sole perimeter protection of the computer network can no longer meet the needs of data security, the scope of which is much broader: mobility of actors, security in the cloud, guarantees of integrity, confidentiality, responsibility of actors, etc. Network traffic control no longer guarantees data confidentiality, let alone integrity and authenticity. The security strategy must become "Zero-Trust", i.e. "Zero Trust":
- Any network is by default considered hostile;
- Internal and external threats are present at all times on the network;
- Being inside an internal network is never a guarantee of absolute confidence;
- Each terminal, each user and each network flow must be authenticated and authorized;
- Security policies should be dynamic and defined from as many data sources as possible.
PARSEC is designed for organizations that want to build trusted enclaves on a cloud using low-cost, low-security cloud infrastructures. PARSEC is an additional brick to enhance the security level of a trusted group that already complies with current regulations, especially those related to end-users.
PARSEC allows the sharing of sensitive or confidential data on a private or public cloud, including from an Internet access. PARSEC is designed for small and medium-sized technology companies, start-ups, consulting firms, R&D entities or independent professions dealing with sensitive specialties, providing a guarantee of confidentiality, integrity, authenticity and historization for the benefit of the shared data.
Where are we now?
On April 16, 2020, the PARSEC evaluation file was sent to the ANSSI for certification. On September 4th, after analysis of the file, the security target for PARSEC v 2.0.0 has been validated by ANSSI and registered, which allows us to officially announce that PARSEC is in the process of certification !
The certifying audit started on this date, the technical evaluation report is expected within two months from the date of the start of the work.
We'll keep you posted on what happens next!
