Pervasive has given significant attention to addressing the security concerns of customers accessing the Pervasive DataCloud. We have designed the architecture to focus on security at both the user and the application level.

The DataCloud utilizes the following security and standards:

• AES 128-bit or 256-bit encryption protocol (browser dependent) for the TLS connection.
• PGP encryption / decryption possible at the process level.
• PCI Security standards. (Updated January 1, 2012)

The DataCloud runs in the Amazon Web Services (AWS) environment.  The AWS environment has achieved the following security certifications:

• SAS70 Type II.  This report includes detailed controls AWS operates along with an independent auditor opinion about the effective operation of those controls.
• PCI DSS Level 1.  AWS has been independently validated to comply with the PCI Data Security Standard as a shared host service provider.
• ISO 27001.  AWS has achieved ISO 27001 certification of the Information Security Management System covering infrastructure, data centers, and services.
• FISMA.  AWS enables government agency customers to achieve and sustain compliance with the Federal Information Security Management Act (FISMA).  AWS has been awarded an approval to operate at the FISMA Low level.  It has also completed the control implementation and successfully passed the independent security testing and evaluation required to operate at the FISMA-Moderate level.  AWS is currently pursuing an approval to operate at the FISMA-Moderate level from government agencies.

Since this is a multi-tenant architecture, how do I make sure my applications and processes on Pervasive DataCloud are not accessed by others?

• Each Pervasive DataCloud tenant has their own set of credentials. Users need both a private and a public key to access their private Pervasive DataCloud2 processes.
• Pervasive does not share any keys outside our API, so there is no shared public storage.
• Entities cannot be deleted. However, customers can control their metadata.

What security protocol does Pervasive DataCloud use?

The DataCloud uses the Secure Sockets Layer (SSL) protocol with AES 128-bit or 256-bit encryption protocol for the TLS connection.

How do you address security during process execution?

From an execution standpoint, your process will never run on the same virtual machine as another data services process (i.e., each instance is separate from another). The machine operating on your behalf does not let you access it unless the Pervasive API lets you in with your secure credentials. If data does not belong to a particular process, a user of that process is not allowed access to the data. The user/product hierarchy does not let a user cross over to other products or processes.

How does Pervasive interact with Amazon Web Services' S3 storage?

The DataCloud controls access to S3 storage through the Pervasive DataCloud API security structure.

Please describe the security of Amazon Web Services (AWS).

The AWS firewall is 'locked down," meaning security is high and your virtual environment will be safe. Other Amazon machines cannot affect yours, and AWS restricts access of non Pervasive systems.

• Review the Amazon Web Services Risk and Compliance Document
  
• Review the Amazon Web Services Overall Security Processes Document

Is Pervasive DataCloud on a SAS 70 Type 2 audited infrastructure?

Yes. The Pervasive DataCloud is hosted on Amazon Web Services (AWS), a SAS 70 Type 2-audited site. In November 2009, AWS successfully completed a Statement on Auditing Standards No. 70 (SAS70) Type II Audit, and has obtained a favorable unbiased opinion from independent auditors. SAS 70 certifies that a service organization has had an in-depth audit of its controls (including control objectives and control activities), which in the case of AWS relates to operational performance and security to safeguard customer data.

Is Pervasive DataCloud PCI compliant?

The Pervasive DataCloud undergoes routine third-party site scans to meet the requirements of the PCI Security Standards Council. We invite you to review our site scan results.