HyTrust Cloud Security Policy Framework

HyTrust CloudSPF™

Our mission is to make cloud infrastructure more trustworthy for organizations pursuing a multi-cloud approach by delivering a critical set of capabilities required to proactively secure workloads, wherever they reside in the cloud.

The HyTrust Cloud Security Policy Framework (CloudSPF) allows organizations to automate the creation, application and enforcement of security policies for private and public cloud workloads, focused on the key attributes of the workload – People, Data and Infrastructure.

The Cloud Security Policy Framework (CloudSPF) is supported by a portfolio of HyTrust Workload Security solutions that address a wide range of security and compliance challenges from insider threats and data breaches to an ever-expanding security regulatory landscape.

  • Discover and classify workload data with tags to enable security policy enforcement
  • Manage data security lifecycle from discovery to encryption to key decommission across any cloud platform
  • Simplify key management and rekey process with high availability and zero downtime

  • Implement “least privilege access” and “separation of duties” to reduce risk
  • Enforce secondary approval escalation workflows for critical operations to prevent admin mistakes
  • Monitor admin privileges and scope to help determine risk profile and adjust permissions

  • Consistently enforce security controls to meet compliance mandates
  • Automate configuration hardening and continuously monitor infrastructure
  • Collect audit data from disparate sources for quick compliance reporting requirements

  • Prevent unauthorized communications between workloads that require trusted segmentation
  • Prevent workload access by unauthorized admins
  • Monitor and log all approved and denied actions per admin tenant for faster incident response

Find out more about HyTrust’s other solutions here.