Certification CSPN en cours auprès de l'ANSSI

The protection of sensitive data is nowadays a key issue for the sovereignty of companies.

In an environment where data is increasingly subject to cyber attacks, ensuring the use of approved solutions for sharing and storage in the cloud is a guarantee and confidence.

We are therefore proud to announce that our PARSEC solution is in the process of CSPN certification with ANSSI .

PARSEC is the result of work carried out in partnership with the Bordeaux Computer Science Research Laboratory with funding from the Ministry of the Armed Forces via the RAPID grant scheme dedicated to dual innovations.

Perimeter

The PARSEC solution is a set of free software components available as desktop software for collaborative file management. Secure sharing is done by mount point or through a dedicated user interface.

PARSEC secures sensitive data before it is stored in public or private clouds. The solution guarantees confidentiality, integrity, historization, access control, non-repudiation, authenticity and management of concurrent operations.

The version under certification is PARSEC v 2.0.0 available here

Target

At the origin of the PARSEC research project, there is a strategic vision of the evolution of the cloud and the Internet: security and secure sharing of data are major challenges for the years to come and the only perimeter protection of the IT network no longer makes it possible to meet data security needs, the field of which is much broader: mobility of actors, security in the cloud, guarantees of integrity, confidentiality, responsibility of actors, etc. Controlling network traffic no longer guarantees data confidentiality, let alone integrity and authenticity. The security strategy must become "Zero-Trust" that is to say "Zero trust":

1. Any network is by default considered hostile.

2. Internal and external threats are present at all times on the network.

3. Being inside an internal network is never a guarantee of absolute trust.

4. Each terminal, each user and each network flow must be authenticated and authorized.

5. Security policies should be dynamic and defined from as many data sources as possible.

PARSEC is aimed at organizations that want to build enclaves of trust on a cloud (cloud) by relying on cloud infrastructures with lower security and low cost. PARSEC is an additional brick which makes it possible to reinforce the level of security of a trusted group which already complies with the regulations in force, in particular those relating to user workstations.

PARSEC allows sensitive or confidential data to be shared over the Internet in a private or public cloud, including from Internet access. PARSEC is aimed at technological SMEs / SMIs, start-ups, consulting firms, R&D entities or independent professions dealing with sensitive specialties by providing shared data with a guarantee of confidentiality, integrity, authenticity and historization.

Where we are ?

On April 16, 2020, the PARSEC evaluation file was sent to ANSSI for certification. On September 4, after analysis of the file, the security target for PARSEC v 2.0.0 was validated by ANSSI and registered, which allows us to officially announce that PARSEC is in the process of certification !

The certifying audit began on this date, the technical evaluation report is expected within two months from the date of the start of the work.

We will keep you informed of the progress!

Ange KOUADIO
Resp. Marketing & Content Manager SCILLE

Contact us