
SuccessFactors Safe Harbor Certification and Data Security



What is Safe Harbor Certification?
Based on the European Commission's October 1998 directive that prohibits the transfer of
personal data to non-European Union nations that do not meet the European "adequacy"
standard for privacy protection, Safe Harbor certification provides a streamlined means for US
organizations to comply with the Directive, with a certification process developed jointly by the US
Department of Commerce in consultation with the European Commission.
The Safe Harbor process approved by the European Union (EU) in 2000 is an important way
for US companies to avoid experiencing interruptions in their business dealings with the EU or
facing prosecution by European authorities under European privacy laws. Certifying to the safe
harbor standards assures that EU organizations know that a US company provides "adequate"
privacy protection, as defined by the October 1998 Directive.
Safe Harbor certified organizations must comply with the seven safe harbor principles. The
principles require the following:
Notice: Organizations must notify individuals about the purposes for which they collect and use
information about those individuals. Organizations must provide information about how individuals
can contact the organization with any inquiries or complaints, the types of third parties to which
the organization discloses the information and the choices and means the organization offers for
limiting its data use and disclosure.
Choice: Organizations must give individuals the opportunity to choose (opt out) whether their
personal information will be disclosed to a third party or used for a purpose incompatible with the
purpose for which it was originally collected or subsequently authorized by the individual. For
sensitive information, affirmative or explicit opt in choice must be given if the information is to be
disclosed to a third party or used for a purpose other than its original purpose or the purpose
authorized subsequently by the individual.
Onward Transfer (Transfers to Third Parties): To disclose information to a third party,
organizations must apply the notice and choice principles. Where an organization wishes to
transfer information to a third party that is acting as an agent, it may do so if it makes sure that
the third party subscribes to the safe harbor principles or is subject to the Directive or another
adequacy finding. As an alternative, the organization can enter into a written agreement with such
third party requiring that the third party provide at least the same level of privacy protection as is
required by the relevant principles.
Access: Individuals must have access to personal information about them that an organization
holds and be able to correct, amend, or delete that information where it is inaccurate, except
where the burden or expense of providing access would be disproportionate to the risks to the
individual's privacy in the case in question, or where the rights of persons other than the
individual would be violated.
Security: Organizations must take reasonable precautions to protect personal information from
loss, misuse and unauthorized access, disclosure, alteration and destruction.
Data integrity: Personal information must be relevant for the purposes for which it is to be used.
An organization should take reasonable steps to ensure that data is reliable for its intended use,
accurate, complete, and current.
Enforcement: In order to ensure compliance with the safe harbor principles, there must be (a)
readily available and affordable independent recourse mechanisms so that each individual's
complaints and disputes can be investigated and resolved and damages awarded where the
applicable law or private sector initiatives so provide; (b) procedures for verifying that the
commitments companies make to adhere to the safe harbor principles have been implemented;
and (c) obligations to remedy problems arising out of a failure to comply with the principles.
Sanctions must be sufficiently rigorous to ensure compliance by the organization. Organizations
that fail to provide annual self certification letters will no longer appear in the list of participants
and safe harbor benefits will no longer be assured.

Value of Safe Harbor Certification for our Customers
Safe Harbor certification provides a number of important benefits to US and EU firms. Benefits for
SuccessFactors customers include:
All Member States of the European Union are bound by the European Commission's
finding of adequacy so any information stored on the SuccessFactors system is compliant
with data privacy laws in all countries in the European Union.
The data flow of all data stored on the SuccessFactors system will not be interrupted due to
European Privacy Law violations.
Should a data privacy violation claim be brought about by a European citizen against
SuccessFactors and/or your company, it will be heard in the US subject to limited
exceptions.
You can view SuccessFactors' Safe Harbor Certification online by searching for Success
Acquisition Corporation at the US Department of Commerce web site:
http://web.ita.doc.gov/safeharbor/shlist.nsf/webPages/safe+harbor+list
SuccessFactors Safe Harbor Certification
SuccessFactors is Safe Harbor Certified by the US Department of Commerce to be in
compliance with EU Regulations on data privacy. Our security (data encryption, passwords)
and our permissions management functionality combined provide our users with total control
over access to sensitive data (and data that Works Councils have the right to restrict/control
access to and use of) and how that data is used in the process. Works Council and employee
privacy rights issues are fully addressable in the configuration process (e.g., a process step to
secure employee consent to the capture and storage of information can be inserted).
Security Overview
SuccessFactors delivers an integrated suite of applications that allows the entire Workforce
Performance Management process to be conducted in a secure yet easy to use and
intuitive fashion.

Application level security controls are put in place on multiple levels.
o The SuccessFactors suite is built on a robust, industry standard architecture utilizing
JAVA and J2EE technologies.
o Desktop security and encryption prevent unauthorized access.
o Access controls restrict access to critical data based on configurable rules.
o Security against external threats, such as hackers, protects data.
o 24x7x365 intrusion monitoring by IBM helps to ensure that any significant security
threat is discovered and resolved immediately.
IBM data centers provide physical security for the best possible security of customer data.
IBM provides redundant connectivity, data backups, and disaster recovery to ensure that
the application and customer data are accessible.

























Application Level Security
Application level security is critical to ensuring that only authorized users are able to access data.
The most fundamental application level security precaution is the robust, flexible design of the
application itself, which allows users to configure workflow and access control while preventing
access by malicious parties. Additional application level security measures have been
implemented to ensure comprehensive security of critical customer data.

Robust, industry standard architecture - the application utilizes JAVA and the J2EE
industry standard. Integration is supported through .CSV, XML and SOAP Web Service
standards. The application is portable to any platform and is deployed on Sun One Web
Servers, BEA Application Servers, Oracle Database Servers, Veritas High Availability Cluster
Servers and utilizes Cisco Networking.
Desktop security and encryption ensure security in user desktop access.
o Safe desktops - SuccessFactors delivers only pure HTML and JavaScript so desktops
do not require any changes or special permissions.
o Session timeouts - SuccessFactors times out user sessions if the application is left
inactive for thirty minutes.
o Encryption to the desktop - every page of the SuccessFactors Application is delivered
via SSL. The only port enabled in the SuccessFactors infrastructure is port 443 for SSL.
No HTTP or port 80 traffic is allowed.
Access controls allow administrators to configure rules that allow line of sight of goal
alignment for management but restrict access at the lower levels.
Security against external threats - IBM uses cutting edge technology to help protect the
security of customer data against external threats, such as hackers.
o Firewalls - redundant Cisco PIX Firewalls in a dedicated environment.
o Network intrusion detection helps guard against attacks by monitoring all data center
TCP/IP traffic around-the-clock and notifying SuccessFactors in the event of an imminent
threat. IBM utilizes Cisco based IDS equipment.
o Vulnerability scanning proactively tests the Internet-connected Web servers by openly
searching for weaknesses in the same way that a hacker would.
o Vulnerability assessment - SuccessFactors uses multiple scanners to analyze Web
servers and applications from a low-level, solitary hacker perspective and identify
possible security holes.
24x7x365 Live Operator Monitoring - IBM security teams monitor the SuccessFactors
infrastructure 24x7x365 with live operators.


Physical Security and Connectivity
SuccessFactors utilizes an IBM data center in Secaucus, New Jersey to manage its physical
security and connectivity needs. Internet connectivity is managed through IBM's redundant
relationships with multiple local ISPs.

Physical Security - managed at the secure IBM facility, physical security includes redundant
power and environmental controls as well as measures to prevent unauthorized access. The
hosting center is staffed around-the-clock with on-site support and skilled technicians.
o Power distribution and backup power supply - the IBM facility provides multiple
levels of power redundancy for the highest levels of availability. Local power supplies
enter the buildings via two services from local electric utilities and feed into two busses,
providing diverse power distribution. Battery and Uninterruptible Power Supply (UPS)
backup power sources automatically take over in emergencies and are augmented by
diesel generators.
o Environmental controls - heating, ventilation and air conditioning systems provide
appropriate and consistent airflow, temperature and humidity levels. The systems are fully
redundant and are monitored 24 hours a day, 7 days a week. Maintenance contracts
specify a four-hour-or-less response time for emergencies.
o Fire suppression and water mitigation - the hosting center is equipped with fire and
smoke detectors, alarms and extinguishing systems based on local building codes. This
includes pipe sprinkler systems and under-floor leak detection systems. In the event of
city water supply failure, backup wells provide fresh water.
o Physical access controls - comprehensive physical security features and procedures
are designed to protect servers and equipment. 24x7x365 onsite security personnel
identify visitors and record each visit. "Man traps" secure entrances. Motion detectors
and alarms are located throughout the facilities, and silent alarms automatically notify
security and law enforcement of breaches. Biometric devices secure access doors
and cages.
o Security cameras monitor activity throughout the facility, including equipment areas,
corridors and mechanical, shipping and receiving areas. Exterior cameras cover
entrances, parking lots, rooftops and exterior facilities, such as generators and
mechanical equipment.

Internet Connectivity is managed through IBM's redundant relationships with local ISPs and
robust routing and load balancing architecture for distribution.
o Bandwidth is managed by IBM through dual active Internet bandwidth providers (AT&T
and Qwest). IBM utilizes weighted routing using BGP4 to allow traffic to take the
best path.
o Configuration - redundant Cisco PIX Firewalls in a dedicated environment; redundant
Cisco switches in dedicated environment; redundant Alteon load-balancer in dedicated
environment; only allows SSL traffic on port 443 for the highest security standard.


Data Backups and Disaster Planning
Backups and disaster planning ensure that customer data is always accessible.

Backup and recovery - SuccessFactors utilizes IBM's backup and recovery services to
protect your data against unforeseen hazards.
o Weekly full data backups are run by IBM with incremental data backups run nightly.
o Disk and tape - IBM stores backups on disk and tape. Backups are available on disk to
ensure quick availability and high speed restores.
o Offsite tape storage - duplicate copies of backup tapes are transferred daily to a
security-rich offsite storage facility. If recovery is impossible using onsite backup media,
quick access to these vaulted copies can help limit business disruption.
Disaster recovery - SuccessFactors maintains a disaster recovery plan for its customers
and offers customized disaster recovery plans.
















For More Information:
www.successfactors.com
1-800-809-9920
