Description
PFPT EMAIL ENCRYPTION STATE/LOCAL – S
The purpose of this document is to provide customers of Proofpoint’s cloud-based Email DLP and Email Encryption with the information necessary to assess how the product can support and enhance their data privacy strategy.
Email DLP & Email Encryption – Product Statement
Proofpoint Email DLP and Email Encryption work together to stop your users from sending emails containing confidential, sensitive, or protected information outside your company without authorization. Employing policies established by your company, Email DLP and Email Encryption classify and protect critical information to help reduce the risks associated with the unauthorized sharing of confidential, sensitive, or protected information.
Information Processed by Proofpoint’s Email DLP & Email Encryption
Featuring automatic sensitive data detection and transparent encryption centrally managed at the email gateway, Email DLP and Email Encryption analyze outgoing email to address people-centric data loss scenarios. This includes limited personal data embedded in the emails and attachments.
Customer Access to Email DLP & Email Encryption Data and Privacy Options
Email DLP and Email Encryption may be accessed by the customer’s administrator or authorized users. Processing and filtering results are made available to authorized users through the service console.
How Proofpoint Retains Records
Based on policies established by your company, Email DLP and Email Encryption identify and stop emails containing confidential, sensitive, or protected information from being sent. Data collected through the Email DLP and Email Encryption product functionality is retained in aggregated form and is encrypted at rest until securely deleted.
Proofpoint’s Use of Subprocessors
Proofpoint utilizes subprocessors to provide its services. A comprehensive list of the subprocessors may be found on the Trust site at https://www.proofpoint.com/us/legal/trust/subprocessors.
Security
Proofpoint maintains a documented information security program that is aligned with the requirements of NIST 800-53 and ISO 27001. Security controls include the following:
- Data in transit is protected using HTTPS/TLS.
- Encryption at rest is accomplished using AES-256.
- Access control mechanisms are present for physical and logical access to the facilities and the infrastructure hosting the services.
- Proofpoint has implemented policies and procedures for the identification and remediation of vulnerabilities in its products and services. Please see https://www.proofpoint.com/us/security.
- Proofpoint leverages a distributed security monitoring infrastructure to monitor for and alert on security incidents.
- A 24/7 network operations center receives and responds to security alerts, escalating to on-call security personnel.
- Proofpoint’s information security program undergoes an annual third-party audit in the form of a SOC 2 Type II audit for the Availability, Confidentiality, and Security trust services principles.