What is CPS 234?
The Australian Prudential Regulation Authority's (APRA) Information Security Standard CPS 234 commenced on the 1st of July 2019. It requires all APRA-regulated entities to build the information security controls, capabilities, and measures needed to be resilient against security incidents, including cyber-attacks.
Entities need to strengthen information asset identification and classification, information security roles and responsibilities with clear segregation of duties, implementation and testing of information security controls, internal audits, incident management, and breach notification.
CPS 234 calls for protective measures commensurate with the size of the business and the threats faced. Any third party that manages the information held by an APRA-regulated company also needs to comply.
APRA Prudential Standards CPS 234: Proactive Protection Policies & Procedures
How can Fortanix help you meet CPS 234 compliance?
Apart from boasting a FIPS 140-2 Level 3 security policy with unmatched flexibility and scalability, the Fortanix Data Security Manager SaaS offers a broad range of security controls to help businesses meet their compliance standards.
How does it help?
Protect data wherever it’s residing
Fortanix DSM SaaS with integrated HSM, key management, encryption, shared secrets, and tokenization capabilities can facilitate data security at every level of the enterprise data stack, including applications, database, file system, full disk, and network-attached storage levels.
Centralized key management and security policies on-premises and multi-cloud
Complete key lifecycle management as a service for secure and consistent key management across on-premises and multi-cloud environments. Applications and databases converge upon a single source of cryptographic services, and the security team gets a single pane of glass view of the entire ecosystem.
Fine-grained access controls for users and data
Only the authorized processor gets access to the required data and only for the duration for which a business case exists.
With Fortanix, you can substitute a token for sensitive data using a REST API to achieve privacy compliance. This helps eliminate the link to sensitive data and protect against data breaches.
Transparent Database Encryption
Fortanix integrates with native database encryption to manage and store the cryptographic keys required to encrypt all your databases, including Oracle, MS SQL Server, MongoDB, PostgreSQL, MySQL, MariaDB, IBM DB2, and more.