WHITEPAPER SECURITY APPROACHES AND SECURITY TECHNOLOGIES IN INTEGRATION CLOUD

Size: px
Start display at page:

Download "WHITEPAPER SECURITY APPROACHES AND SECURITY TECHNOLOGIES IN INTEGRATION CLOUD"

Transcription

1 WHITEPAPER SECURITY APPROACHES AND SECURITY TECHNOLOGIES IN INTEGRATION CLOUD

2 TABLE OF CONTENTS 1 In this whitepaper User security Authentication Authorization & Access Control Data security Types of data stored Data isolation Data location Duration of data storage Data security External communication Web service security Cloud connector security Virtual networking capabilities Database security Conclusion More information?... 9 Last Update: September 2015 All Rights Reserved 2 10

3 1 IN THIS WHITEPAPER When working with an online platform, security is a key concern to many enterprises. In this document, you will find an overview of the different security approaches and technologies used on Integration Cloud, the online integration platform. Integration Cloud is an online integration platform that enables you to connect your applications and business partners in a reliable and transparent cloud environment. The platform helps you set up connections and integrations quickly and most efficiently and requires no investments in hardware, licenses and installations upfront. It enables you to start your integration in a matter of hours. Integration Cloud allows you to set up a hybrid integration infrastructure and securely connect to your applications, data or existing middleware through the internet. Built on Microsoft Azure technology, the online platform fully leverages the benefits and capabilities of Microsoft Azure and cloud technology. Built by integration experts, it brings you years of integration experience "as a service", at your immediate disposal. In any scenario Integration Cloud provides you with a business-oriented and user-friendly platform: Business-to-business Distributed Enterprise Application Integration (EAI) Exposing local data Elastic integrations This whitepaper aims to describe the different security approaches and security technologies that are being used on Integration Cloud. Last Update: September 2015 All Rights Reserved 3 10

4 2 USER SECURITY 2.1 AUTHENTICATION There are 2 types of authentication Username / password authentication This is the default and lightweight approach, used by most customers. Here, a user can log on with a username and a password that is maintained by our platform. Because of using standard frameworks for this, we use best practices such as hashing / salting of passwords Active directory authentication Another way of logging on to our portal, is through Active Directory credentials. Here are the options: Connecting, using an existing on premise Active Directory It is possible for users to log on, using their local Active Directory credentials. This is possible by setting up Active Directory Federation Services and have our platform trusting the Security Token Service (STS) of Active Directory. Still the actual authorization policies are defined on our platform, as they are very granular Connecting, using a Microsoft Azure Active Directory logon Microsoft Azure also provides an Active Directory (for example used by Office 365). It is possible to connect to our portal using these credentials. This setup requires less configuration and is easier to achieve. Another option is Two-Factor Authentication, which provides even better security, as a user has to confirm his identity through a text-message, or by answering an automated phone call Using other authentication providers Our portal is ready for other federated types of logins, using third party providers (such as Google, Facebook, Microsoft Account, etc ). 2.2 AUTHORIZATION & ACCESS CONTROL Once a user is logged on to the system, the authorization comes into play. We have a granular set of Access Rules. Last Update: September 2015 All Rights Reserved 4 10

5 2.2.1 User roles First of all, a user can get assigned a specific role per module in the application, as seen in the screenshot. There are 5 different modules, to which a user can get assigned an Administrator, a regular User or a Read-Only user: Configuration: in the configuration module, all settings can be seen and configured e.g. how to connect to other systems, what workflows are being used,... Monitoring: in the monitoring module, users can get an overview of all the different endpoints and services on the platform. Based on their role for this module, users can stop/start endpoints or just see the status of the endpoints. Deployment: in the deployment module, users can change the behavior of the processes. Code components, transformations and workflows can be uploaded, if users have the required access rights. Edoc: this is where Trading Partner management happens and where users can see all the exchanged electronic documents, the different trading partners and the agreements. Tracking: the tracking module shows the history of all processes, where users can search for specific messages, see what happened with them and even handle (e.g. resume) the messages if they have the required role assigned Artifact specific user rights In every environment, a user has access to, can be defined to which artifacts he has access. Business activities: we can assign a user to one or more business activities. These are the different processes or containers in which messages are processed isolated. (There can be an activity for Invoicing, for Dispatch Advices and one for Human Resources, for example.) Transco databases: a user can get access to a specific Transco database (schema). In this database schema, a user can change data of the tables. This is typically done for data lookups at runtime (translation of articles, EAN codes, etc). Reports: for every environment, multiple reports can be defined. It is possible to only make reports available to a set of users. These reports are visualized on the home page of the user s portal. edoc types: here can be defined that a certain user can only see a certain type of electronic documents. These document types are visible in the edoc module (for example: only outgoing invoices). Cloud connectors: the cloud connector is an on premises installation that we use to connect to local systems. A certain user can only have access to manage a specific cloud connector. Last Update: September 2015 All Rights Reserved 5 10

6 3 DATA SECURITY 3.1 TYPES OF DATA STORED In our platform, 3 types of data are stored Configuration & Tracking data Configuration data is the data that is defining the behavior and configuration of our platform. This contains data such as server settings, intervals, URL s,... We also store the tracked events and metadata of the different messages and processes we execute on our platform. We use these to show the replay of the messages, to search for historical data, or we can even build reports. All of this data is stored in Microsoft Azure databases (SQL Azure) Archived message bodies To be able to resume, download or resubmit messages, if need be, message bodies are stored in the cloud. These messages are stored in Microsoft Azure blob storage In flight message events Because of the asynchronous nature of cloud integration, we also store messages temporarily in queues. As soon as a message is processed, the message is removed from the queue. Having a queuing mechanism allows us to build a robust and scalable platform. These messages are stored in Microsoft Azure Service Bus queues. 3.2 DATA ISOLATION Every environment (customer/tenant) has its dedicated storage containers: - A dedicated Microsoft Azure SQL database - A dedicated Microsoft Azure storage account - A dedicated Microsoft Azure Service Bus namespace If a customer has two environments (Test / Prod), these will also have their own storage container. We chose this design for two important reasons: - Data security and isolation - Flexibility to scale and move data between data centers Last Update: September 2015 All Rights Reserved 6 10

7 3.3 DATA LOCATION Choice of data location As we are building on Microsoft Azure and all of our data is stored in Microsoft Azure, we can decide in which location our data will be stored. For that, we can chose between different data centers. Each year, new data centers are being added to Microsoft Azure, so there might be more data centers at the moment you are reading this paper, than the ones described in this document. The most important thing to remember is that we can define and even change data to reside in one of the data centers available. The latest list of data center locations can be found here: Geo replication of data Microsoft Azure storage is geo-replicated by default, but this can be turned off if wanted. The location where we read, create, update, or delete data is referred to as the primary location. The primary location is in the region we chose at the time of the Azure storage account creation. The location where the data is geo-replicated is referred to as the secondary location. The secondary location is automatically determined based on the location of the primary; it is in the other data center that is in the same region as the primary. The table shows the primary and secondary location pairings. Primary North Central US South Central US East US West US North Europe West Europe South East Asia East Asia Secondary South Central US North Central US West US East US West Europe North Europe East Asia South East Asia 3.4 DURATION OF DATA STORAGE In Integration Cloud, we have built-in purge procedures, where we can specify the duration of how long data should reside in the cloud. We can configure this per business activity, so that legal e-invoices don t get purged, where daily stock movements could get purged after 7 days, for example. 3.5 DATA SECURITY For data privacy, reliability and security, we rely on the Microsoft Azure platform and the robust security that is offered by this platform. You can find a detailed description in the Microsoft Azure trust center: The data centers of Microsoft Azure comply with industry standards, such as ISO/IEC 27001:2005, for security and reliability. We strongly advise to have a look at the above mentioned trust center, where you will find more information about security described in detail. Last Update: September 2015 All Rights Reserved 7 10

8 4 EXTERNAL COMMUNICATION A cloud integration platform also has to connect to other systems and platforms. And also here, we use security best practices to achieve a secure and reliable connection. 4.1 WEB SERVICE SECURITY When we expose an endpoint over a web service, so that other applications can send to this endpoint, we leverage Windows Identity Foundation to secure these connections. Based on the capabilities of the client application, we can chose and combine amongst the following options to make the connection: Certificate based authentication & authorization Message security (messages are signed and/or encrypted on the wire) Transport security (sending messages over HTTPS/SSL) SAML/oAuth IP Address restrictions / ACL 4.2 CLOUD CONNECTOR SECURITY When integrating to local systems (databases, file system, web services ) that are not connected over a virtual network with our cloud runtime, we use the Cloud Connector. This is a lightweight local installation that can connect to local systems, using a set of (pluggable) adapters. Data can be read from systems and sent to Integration Cloud. Or Integration Cloud can send data to the cloud connector that, in turn, will submit the data to the local system. In both connections, we use the same techniques as mentioned above (in web services). Or we can also combine it with the Service Bus Relay capabilities, which are firewall friendly. 4.3 VIRTUAL NETWORKING CAPABILITIES It is possible to connect Integration Cloud in a virtual network with other servers (either locally or in the cloud). This can be achieved through Microsoft Azure Virtual Networking: we can leverage this Virtual Network to set up an VPN in order to get a secure tunnel (using IPSEC as security protocol). This allows us to directly call or be called by other servers in the same network. 4.4 DATABASE SECURITY Microsoft Azure SQL Database provides a relational database service for Microsoft Azure and other Internet-based applications. The SQL Database firewall prevents all access to your SQL Database server until you specify which computers have permission. The firewall grants access based on the originating IP address of each request. Last Update: September 2015 All Rights Reserved 8 10

9 5 CONCLUSION For Integration Cloud, we build on the Microsoft Azure platform that is secure by design. Moreover, we apply all security best practices and take extra caution when connecting to external systems, outside of the Microsoft Azure network. With Integration Cloud, we take security, privacy and reliability as a fundamental requirement for development and design. 6 MORE INFORMATION? For more information or a demo of Integration Cloud, contact us via W: B: Skaldenstraat 7b, BE-9042 Gent, Belgium T F , rue de l Escaut, FR Paris, France T F Praça Duque de Saldanha, nº 20-1ºD, P Lisboa, Portugal T /4 F Codit Skaldenstraat 7b, BE-9042 Gent, Belgium T F , rue de l Escaut, FR Paris, France T F Praça Duque de Saldanha, nº 20-1ºD, P Lisboa, Portugal T /4 F

10 ABOUT CODIT Large, international companies often struggle to easily exchange data with their subsidiaries, customers, suppliers and other business partners. Many also face challenges with the upcoming trends such as Cloud, SaaS apps, Mobile, Internet of Things, Big Data Companies not only have to be aware of them, yet have to adopt these technology changes strategically to gain competitive advantage. That is exactly what our expert teams do: we integrate business applications with the newest Microsoft technologies. Codit is a leading IT services company providing consultancy, technology and managed services in business integration. We successfully help companies reduce operational costs, improve efficiency and enhance control by enabling people and applications to integrate more efficiently. Having started as a highly competent Microsoft BizTalk Server specialist, we have grown substantially to become a leader in business integration using a wide range of Microsoft technologies, including cloud-based solutions such as Microsoft Azure. ABOUT THE AUTHORS Wouter Seye Wouter Seye is Lead Product Developer with Codit. He has over 12 years of experience in developing on the.net platform and has been working with Microsoft Azure since the early bits. As such, Wouter has helped developing and designing the online integration platform Integration Cloud. By nature he has a keen interest in development best practices and patterns. Sam Vanhoutte Sam Vanhoutte is CTO and Product Manager with Codit and is a Microsoft Integration MVP. He is also BizTalk Virtual Technology Specialist and has extensive experience in building integrated enterprise, ESB and SOA solutions. Because of the specialized focus on integration on Microsoft technology, Sam is part of Microsoft's Connected Systems and Azure Advisory boards and is an Azure Insider as well as a Belgian MEET member. Sam co-founded the BizTalk User Group in Belgium (http://www.btug.be) and is an active crew member of the Azure User group (http://www.azug.be). While managing and architecting the online integration platform "Integration Cloud," Sam has been focusing on Cloud integration with the Microsoft Azure platform the last years, focusing on the Azure Service Bus and BizTalk Services technology. Sam is blogger on the Codit blog and tweets via DISCLAIMER This document, any attachments and the information contained therein (together the Document ) are confidential and to be considered as Confidential Information within the meaning of any agreement between Codit and the recipient. The Document is intended solely to be used by the addressee(s) for whom Codit meant it. If you have received the Document in error please send it back to the sender and delete it. The recipient of the Document is not allowed to make any use of -or to perform any act regarding the Document which is not explicitly permitted by Codit. Unauthorized use, dissemination or disclosure of the Document, either in whole or in part is strictly prohibited. Last Update: September 2015 All Rights Reserved 10 10

Sentinet for Windows Azure SENTINET

Sentinet for Windows Azure SENTINET Sentinet for Windows Azure SENTINET Sentinet for Windows Azure 1 Contents Introduction... 2 Customer Benefits... 2 Deployment Topologies... 3 Isolated Deployment Model... 3 Collocated Deployment Model...

More information

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions Course 20533: Implementing Microsoft Azure Infrastructure Solutions Course details Course Outline Module 1: Introduction to Azure This module provides the students a high level introduction to Azure. Cloud

More information

Assignment # 1 (Cloud Computing Security)

Assignment # 1 (Cloud Computing Security) Assignment # 1 (Cloud Computing Security) Group Members: Abdullah Abid Zeeshan Qaiser M. Umar Hayat Table of Contents Windows Azure Introduction... 4 Windows Azure Services... 4 1. Compute... 4 a) Virtual

More information

Course 20533: Implementing Microsoft Azure Infrastructure Solutions

Course 20533: Implementing Microsoft Azure Infrastructure Solutions Course 20533: Implementing Microsoft Azure Infrastructure Solutions Overview About this course This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.

More information

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions Course Code: M20533 Vendor: Microsoft Course Overview Duration: 5 RRP: 2,025 Implementing Microsoft Azure Infrastructure Solutions Overview This course is aimed at experienced IT Professionals who currently

More information

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led

Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led Implementing Microsoft Azure Infrastructure Solutions 20533B; 5 Days, Instructor-led Course Description This course is aimed at experienced IT Professionals who currently administer their on-premises infrastructure.

More information

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions

Course 20533B: Implementing Microsoft Azure Infrastructure Solutions Course 20533B: Implementing Microsoft Azure Infrastructure Solutions Sales 406/256-5700 Support 406/252-4959 Fax 406/256-0201 Evergreen Center North 1501 14 th St West, Suite 201 Billings, MT 59102 Course

More information

Azure Virtual Machine Management

Azure Virtual Machine Management Azure Virtual Machine Management Author: Sainath K.E.V Microsoft Most Valuable Professional Introduction: This document provides details about Managing Virtual Machines under Microsoft Azure Public Cloud.

More information

Course 10978A Introduction to Azure for Developers

Course 10978A Introduction to Azure for Developers Course 10978A Introduction to Azure for Developers Duration: 40 hrs. Overview: About this Course This course offers students the opportunity to take an existing ASP.NET MVC application and expand its functionality

More information

Centrify Cloud Connector Deployment Guide

Centrify Cloud Connector Deployment Guide C E N T R I F Y D E P L O Y M E N T G U I D E Centrify Cloud Connector Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as

More information

This module provides an overview of service and cloud technologies using the Microsoft.NET Framework and the Windows Azure cloud.

This module provides an overview of service and cloud technologies using the Microsoft.NET Framework and the Windows Azure cloud. Module 1: Overview of service and cloud technologies This module provides an overview of service and cloud technologies using the Microsoft.NET Framework and the Windows Azure cloud. Key Components of

More information

Sentinet for BizTalk Server SENTINET 3.1

Sentinet for BizTalk Server SENTINET 3.1 for BizTalk Server SENTINET 3.1 for BizTalk Server 1 Contents Introduction... 2 SOA and APIs Repository... 3 Security... 3 Mediation and Virtualization... 3 Authentication and Authorization... 4 Monitoring,

More information

Security Best Practices for Microsoft Azure Applications

Security Best Practices for Microsoft Azure Applications Security Best Practices for Microsoft Azure Applications Varun Sharma Principal Security Engineer, Information Security & Risk Management (ISRM), Microsoft IT Service Lines Application Security Infrastructure

More information

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS WHITEPAPER SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS EXECUTIVE OVERVIEW 2-Factor as a Service (2FaaS) is a 100% cloud-hosted authentication solution that offers flexible security without compromising user

More information

White Paper. BD Assurity Linc Software Security. Overview

White Paper. BD Assurity Linc Software Security. Overview Contents 1 Overview 2 System Architecture 3 Network Settings 4 Security Configurations 5 Data Privacy and Security Measures 6 Security Recommendations Overview This white paper provides information about

More information

Developing Microsoft Azure Solutions

Developing Microsoft Azure Solutions Course 20532A: Developing Microsoft Azure Solutions Page 1 of 7 Developing Microsoft Azure Solutions Course 20532A: 4 days; Instructor-Led Introduction This course is intended for students who have experience

More information

AVG Business Secure Sign On Active Directory Quick Start Guide

AVG Business Secure Sign On Active Directory Quick Start Guide AVG Business Secure Sign On Active Directory Quick Start Guide The steps below will allow for download and registration of the AVG Business SSO Cloud Connector to integrate SaaS application access and

More information

Developing Microsoft Azure Solutions 20532A; 5 days

Developing Microsoft Azure Solutions 20532A; 5 days Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Developing Microsoft Azure Solutions 20532A; 5 days Course Description This

More information

New Features in Neuron ESB 2.6

New Features in Neuron ESB 2.6 New Features in Neuron ESB 2.6 This release significantly extends the Neuron ESB platform by introducing new capabilities that will allow businesses to more easily scale, develop, connect and operationally

More information

Data In The Cloud: Who Owns It, and How Do You Get it Back?

Data In The Cloud: Who Owns It, and How Do You Get it Back? Data In The Cloud: Who Owns It, and How Do You Get it Back? Presented by Dave Millier, Soban Bhatti, and Oleg Sotnikov 2013 Sentry Metrics Inc. Agenda Reasons for Cloud Adoption How Did My Data Get There?

More information

Sentinet for BizTalk Server SENTINET

Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server SENTINET Sentinet for BizTalk Server 1 Contents Introduction... 2 Sentinet Benefits... 3 SOA and APIs Repository... 4 Security... 4 Mediation and Virtualization... 5 Authentication

More information

for business integration

for business integration managed services for business integration To be successful and differentiate from the competition, organizations need to choose a clever integration of people, applications and business partners. Business

More information

10978A: Introduction to Azure for Developers

10978A: Introduction to Azure for Developers 10978A: Introduction to Azure for Developers Course Details Course Code: Duration: Notes: 10978A 5 days This course syllabus should be used to determine whether the course is appropriate for the students,

More information

SHARPCLOUD SECURITY STATEMENT

SHARPCLOUD SECURITY STATEMENT SHARPCLOUD SECURITY STATEMENT Summary Provides details of the SharpCloud Security Architecture Authors: Russell Johnson and Andrew Sinclair v1.8 (December 2014) Contents Overview... 2 1. The SharpCloud

More information

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work.

When your users take devices outside the corporate environment, these web security policies and defenses within your network no longer work. Deployment Guide Revision C McAfee Web Protection Hybrid Introduction Web Protection provides the licenses and software for you to deploy Web Gateway, SaaS Web Protection, or a hybrid deployment using

More information

MS 10978A Introduction to Azure for Developers

MS 10978A Introduction to Azure for Developers MS 10978A Introduction to Azure for Developers Description: Days: 5 Prerequisites: This course offers students the opportunity to learn about Microsoft Azure development by taking an existing ASP.NET MVC

More information

Citrix Virtual Classroom. Deliver file sharing and synchronization services using Citrix ShareFile. Self-paced exercise guide

Citrix Virtual Classroom. Deliver file sharing and synchronization services using Citrix ShareFile. Self-paced exercise guide Deliver file sharing and synchronization services using Citrix ShareFile Self-paced exercise guide Table of Contents Table of Contents... 2 Overview... 3 Exercise 1: Setting up a ShareFile Account... 6

More information

Flexible Identity Federation

Flexible Identity Federation Flexible Identity Federation Quick start guide version 1.0.1 Publication history Date Description Revision 2015.09.23 initial release 1.0.0 2015.12.11 minor updates 1.0.1 Copyright Orange Business Services

More information

Data Security and Governance with Enterprise Enabler

Data Security and Governance with Enterprise Enabler Copyright 2014 Stone Bond Technologies, L.P. All rights reserved. The information contained in this document represents the current view of Stone Bond Technologies on the issue discussed as of the date

More information

Security Architecture Whitepaper

Security Architecture Whitepaper Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer

More information

Hands on Lab: Building a Virtual Machine and Uploading VM Images to the Cloud using Windows Azure Infrastructure Services

Hands on Lab: Building a Virtual Machine and Uploading VM Images to the Cloud using Windows Azure Infrastructure Services Hands on Lab: Building a Virtual Machine and Uploading VM Images to the Cloud using Windows Azure Infrastructure Services Windows Azure Infrastructure Services provides cloud based storage, virtual networks

More information

MOC 20487 DEVELOPING WINDOWS AZURE AND WEB SERVICES

MOC 20487 DEVELOPING WINDOWS AZURE AND WEB SERVICES ONE STEP AHEAD. MOC 20487 DEVELOPING WINDOWS AZURE AND WEB SERVICES Length: 5 Days Level: 300 Technology: Microsoft Visual Studio 2012 Delivery Method: Instructor-led (classroom) COURSE OUTLINE Module

More information

IT Exam Training online / Bootcamp

IT Exam Training online / Bootcamp DumpCollection IT Exam Training online / Bootcamp http://www.dumpcollection.com PDF and Testing Engine, study and practice Exam : 70-534 Title : Architecting Microsoft Azure Solutions Vendor : Microsoft

More information

Portal Administration. Administrator Guide

Portal Administration. Administrator Guide Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec

More information

Cloud Computing: What IT Professionals Need to Know

Cloud Computing: What IT Professionals Need to Know Learning Cloud Computing: What IT Professionals Need to Know Cloud computing promises new career opportunities for IT professionals. In many cases, existing core skill sets transfer directly to cloud technologies.

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Michael Noel. Colin Spence. SharePoint UNLEASHED. 800 East 96th Street, Indianapolis, Indiana 46240 USA

Michael Noel. Colin Spence. SharePoint UNLEASHED. 800 East 96th Street, Indianapolis, Indiana 46240 USA Michael Noel Colin Spence SharePoint 2013 UNLEASHED 800 East 96th Street, Indianapolis, Indiana 46240 USA Table of Contents Introduction 1 Part I Planning for and Deploying SharePoint Server 2013 1 Introducing

More information

Microsoft 10978 - Introduction to Azure for Developers

Microsoft 10978 - Introduction to Azure for Developers 1800 ULEARN (853 276) www.ddls.com.au Microsoft 10978 - Introduction to Azure for Developers Length 5 days Price $4389.00 (inc GST) Version A Overview This course offers students the opportunity to take

More information

Central Desktop Enterprise Edition (Security Pack)

Central Desktop Enterprise Edition (Security Pack) Central Desktop Enterprise Edition (Security Pack) The Central Desktop Security Pack is included in the Enterprise Edition of Central Desktop. The Enterprise Edition is for companies and organizations

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Course 20532B: Developing Microsoft Azure Solutions

Course 20532B: Developing Microsoft Azure Solutions Course 20532B: Developing Microsoft Solutions Five Days, Instructor-Led About this Course This course is intended for students who have experience building vertically scaled applications. Students should

More information

Kentico+ documentation

Kentico+ documentation Kentico+ documentation Kentico+ documentation Home............................................................................. 3 1 Creating subscriptions and projects......................................................................

More information

Introduction to Azure for Developers

Introduction to Azure for Developers CÔNG TY CỔ PHẦN TRƯỜNG CNTT TÂN ĐỨC TAN DUC INFORMATION TECHNOLOGY SCHOOL JSC LEARN MORE WITH LESS! Course 10978: Introduction to Azure for Developers Length: 5 Days Audience: Developers Level: 300 Technology:

More information

ShareFile Security Overview

ShareFile Security Overview ShareFile Security Overview ShareFile Company Policy All ShareFile employees undergo full background checks and sign our information security policy prior to beginning employment with the company. The

More information

PI Cloud Connect Overview

PI Cloud Connect Overview PI Cloud Connect Overview Version 1.0.8 Content Product Overview... 3 Sharing data with other corporations... 3 Sharing data within your company... 4 Architecture Overview... 5 PI Cloud Connect and PI

More information

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for

More information

Developing Microsoft Azure Solutions 20532B; 5 Days, Instructor-led

Developing Microsoft Azure Solutions 20532B; 5 Days, Instructor-led Developing Microsoft Azure Solutions 20532B; 5 Days, Instructor-led Course Description This course is intended for students who have experience building vertically scaled applications. Students should

More information

Directory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta.

Directory Integration with Okta. An Architectural Overview. Okta Inc. 301 Brannan Street San Francisco, CA 94107. info@okta. Directory Integration with Okta An Architectural Overview Okta Inc. 301 Brannan Street San Francisco, CA 94107 info@okta.com 1-888-722-7871 Contents 1 User Directories and the Cloud: An Overview 3 Okta

More information

RAYSAFE S1 SECURITY WHITEPAPER VERSION B. RaySafe S1 SECURITY WHITEPAPER

RAYSAFE S1 SECURITY WHITEPAPER VERSION B. RaySafe S1 SECURITY WHITEPAPER RaySafe S1 SECURITY WHITEPAPER Contents 1. INTRODUCTION 2 ARCHITECTURE OVERVIEW 2.1 Structure 3 SECURITY ASPECTS 3.1 Security Aspects for RaySafe S1 Data Collector 3.2 Security Aspects for RaySafe S1 cloud-based

More information

Using AWS in the context of Australian Privacy Considerations October 2015

Using AWS in the context of Australian Privacy Considerations October 2015 Using AWS in the context of Australian Privacy Considerations October 2015 (Please consult https://aws.amazon.com/compliance/aws-whitepapers/for the latest version of this paper) Page 1 of 13 Overview

More information

Single Sign On. SSO & ID Management for Web and Mobile Applications

Single Sign On. SSO & ID Management for Web and Mobile Applications Single Sign On and ID Management Single Sign On SSO & ID Management for Web and Mobile Applications Presenter: Manish Harsh Program Manager for Developer Marketing Platforms of NVIDIA (Visual Computing

More information

REMOTE ASSISTANCE SOLUTIONS Private Server

REMOTE ASSISTANCE SOLUTIONS Private Server REMOTE ASSISTANCE SOLUTIONS Private Server UBIQUITY components Control Center: client on the remote assistance PC Ubiquity Runtime: software installed on the remote device Ubiquity Server Infrastructure:

More information

Windows Azure Data Services (basics) 55093A; 3 Days

Windows Azure Data Services (basics) 55093A; 3 Days Lincoln Land Community College Capital City Training Center 130 West Mason Springfield, IL 62702 217-782-7436 www.llcc.edu/cctc Windows Azure Data Services (basics) 55093A; 3 Days Course Description This

More information

Ariett Purchasing & Expense Management. Go Paperless, Go Mobile, Go Easy.

Ariett Purchasing & Expense Management. Go Paperless, Go Mobile, Go Easy. Ariett Purchasing & Expense Management Use Ariett on Any Device Ariett Purchasing & Expense Management Ariett in the Microsoft Azure Cloud Microsoft Recently Published Case Study on Ariett Product Solutions

More information

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES

ABOUT TOOLS4EVER ABOUT DELOITTE RISK SERVICES CONTENTS About Tools4ever... 3 About Deloitte Risk Services... 3 HelloID... 4 Microsoft Azure... 5 HelloID Security Architecture... 6 Scenarios... 8 SAML Identity Provider (IDP)... 8 Service Provider SAML

More information

White Paper: Cloud Identity is Different. World Leading Directory Technology. Three approaches to identity management for cloud services

White Paper: Cloud Identity is Different. World Leading Directory Technology. Three approaches to identity management for cloud services World Leading Directory Technology White Paper: Cloud Identity is Different Three approaches to identity management for cloud services Published: March 2015 ViewDS Identity Solutions A Changing Landscape

More information

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions Implementing Microsoft Azure Infrastructure About this Course This course is aimed at experienced IT Professionals who currently administer their on-premise infrastructure. The course introduces the student

More information

Configuration Guide. BES12 Cloud

Configuration Guide. BES12 Cloud Configuration Guide BES12 Cloud Published: 2016-04-08 SWD-20160408113328879 Contents About this guide... 6 Getting started... 7 Configuring BES12 for the first time...7 Administrator permissions you need

More information

ClockWork Enterprise 5

ClockWork Enterprise 5 ClockWork Enterprise 5 Technical Overview rev 5.1 Table of Contents Overview... 3 Database Requirements... 4 Database Storage Requirements... 4 Sql Server Authentication and Permissions... 5 ClockWork

More information

Xerox DocuShare Private Cloud Service. Security White Paper

Xerox DocuShare Private Cloud Service. Security White Paper Xerox DocuShare Private Cloud Service Security White Paper Table of Contents Overview 3 Adherence to Proven Security Practices 3 Highly Secure Data Centers 4 Three-Tier Architecture 4 Security Layers Safeguard

More information

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions Course 20533A: Implementing Microsoft Azure Infrastructure Solutions Page 1 of 7 Implementing Microsoft Azure Infrastructure Solutions Course 20533A: 4 days; Instructor-Led Introduction This course is

More information

DIGIPASS Authentication for GajShield GS Series

DIGIPASS Authentication for GajShield GS Series DIGIPASS Authentication for GajShield GS Series With Vasco VACMAN Middleware 3.0 2008 VASCO Data Security. All rights reserved. Page 1 of 1 Integration Guideline Disclaimer Disclaimer of Warranties and

More information

Hosted SharePoint. OneDrive for Business. OneDrive for Business with Hosted SharePoint. Secure UK Cloud Document Management from Your Office Anywhere

Hosted SharePoint. OneDrive for Business. OneDrive for Business with Hosted SharePoint. Secure UK Cloud Document Management from Your Office Anywhere OneDrive for Business with Hosted SharePoint Secure UK Cloud Document Management from Your Office Anywhere Cloud Storage is commonplace but for businesses that want secure UK Cloud based document and records

More information

Alfresco Enterprise on Azure: Reference Architecture. September 2014

Alfresco Enterprise on Azure: Reference Architecture. September 2014 Alfresco Enterprise on Azure: Reference Architecture Page 1 of 14 Abstract Microsoft Azure provides a set of services for deploying critical enterprise workloads on its highly reliable cloud platform.

More information

White Paper How Noah Mobile uses Microsoft Azure Core Services

White Paper How Noah Mobile uses Microsoft Azure Core Services NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah

More information

Using and Contributing Virtual Machines to VM Depot

Using and Contributing Virtual Machines to VM Depot Using and Contributing Virtual Machines to VM Depot Introduction VM Depot is a library of open source virtual machine images that members of the online community have contributed. You can browse the library

More information

SECURITY AND REGULATORY COMPLIANCE OVERVIEW

SECURITY AND REGULATORY COMPLIANCE OVERVIEW Powering Cloud IT SECURITY AND REGULATORY COMPLIANCE OVERVIEW BetterCloud for Office 365 Executive Summary BetterCloud provides critical insights, automated management, and intelligent data security for

More information

Hosting Models. Business Model Software (as a Service) Platform (as a Service) Infrastructure (as a Service) On Premises. Applications. Data.

Hosting Models. Business Model Software (as a Service) Platform (as a Service) Infrastructure (as a Service) On Premises. Applications. Data. You manage You manage You manage On Premises Hosting Models Infrastructure (as a Service) Platform (as a Service) Business Model Software (as a Service) Customizations Applications Data Runtime Middleware

More information

Remote Vendor Monitoring

Remote Vendor Monitoring ` Remote Vendor Monitoring How to Record All Remote Access (via SSL VPN Gateway Sessions) An ObserveIT Whitepaper Daniel Petri March 2008 Copyright 2008 ObserveIT Ltd. 2 Table of Contents Executive Summary...

More information

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy Dell SonicWALL and SecurEnvoy Integration Guide Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House Brunel Road Theale

More information

System Administration Training Guide. S100 Installation and Site Management

System Administration Training Guide. S100 Installation and Site Management System Administration Training Guide S100 Installation and Site Management Table of contents System Requirements for Acumatica ERP 4.2... 5 Learning Objects:... 5 Web Browser... 5 Server Software... 5

More information

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER With technology everywhere we look, the technical safeguards required by HIPAA are extremely important in ensuring that our information

More information

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 5. Microsoft Azure Fundamentals M-10979 Length: 2 days Price: $ 1,295.

Course Description. Course Audience. Course Outline. Course Page - Page 1 of 5. Microsoft Azure Fundamentals M-10979 Length: 2 days Price: $ 1,295. Course Page - Page 1 of 5 Microsoft Azure Fundamentals M-10979 Length: 2 days Price: $ 1,295.00 Course Description Get hands-on instruction and practice implementing Microsoft Azure in this two day Microsoft

More information

Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com

Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com Manual Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com Information in this document is subject to change without notice. Companies names and data used in examples herein are fictitious

More information

MySQL Security: Best Practices

MySQL Security: Best Practices MySQL Security: Best Practices Sastry Vedantam sastry.vedantam@oracle.com Safe Harbor Statement The following is intended to outline our general product direction. It is intended for information purposes

More information

Integrating Single Sign-on Across the Cloud By David Strom

Integrating Single Sign-on Across the Cloud By David Strom Integrating Single Sign-on Across the Cloud By David Strom TABLE OF CONTENTS Introduction 1 Access Control: Web and SSO Gateways 2 Web Gateway Key Features 2 SSO Key Features 3 Conclusion 5 Author Bio

More information

Introduction. C a p a b i l i t y d o c u m e n t : B i z T a l k S e r v e r

Introduction. C a p a b i l i t y d o c u m e n t : B i z T a l k S e r v e r Microsoft Technology Practice Capability document Overview Microsoft BizTalk Server is the middleware application server providing Business Process Management, Process Automations along with SOA / ESB

More information

NSi Mobile Installation Guide. Version 6.2

NSi Mobile Installation Guide. Version 6.2 NSi Mobile Installation Guide Version 6.2 Revision History Version Date 1.0 October 2, 2012 2.0 September 18, 2013 2 CONTENTS TABLE OF CONTENTS PREFACE... 5 Purpose of this Document... 5 Version Compatibility...

More information

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation

IBM Cloud Security Draft for Discussion September 12, 2011. 2011 IBM Corporation IBM Cloud Security Draft for Discussion September 12, 2011 IBM Point of View: Cloud can be made secure for business As with most new technology paradigms, security concerns surrounding cloud computing

More information

December 2015 702P00860. Xerox App Studio 3.0 Information Assurance Disclosure

December 2015 702P00860. Xerox App Studio 3.0 Information Assurance Disclosure December 2015 702P00860 Xerox App Studio 3.0 Information Assurance Disclosure 2014 Xerox Corporation. All rights reserved. Xerox and Xerox and Design and ConnectKey are trademarks of Xerox Corporation

More information

Identity & Access Management in the Cloud: Fewer passwords, more productivity

Identity & Access Management in the Cloud: Fewer passwords, more productivity WHITE PAPER Strategic Marketing Services Identity & Access Management in the Cloud: Fewer passwords, more productivity Cloud services are a natural for small and midsize businesses, with their ability

More information

Windows Azure Pack Installation and Initial Configuration

Windows Azure Pack Installation and Initial Configuration Windows Azure Pack Installation and Initial Configuration Windows Server 2012 R2 Hands-on lab In this lab, you will learn how to install and configure the components of the Windows Azure Pack. To complete

More information

Simone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud

Simone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud Simone Brunozzi, AWS Technology Evangelist, APAC Fortress in the Cloud AWS Cloud Security Model Overview Certifications & Accreditations Sarbanes-Oxley (SOX) compliance ISO 27001 Certification PCI DSS

More information

Amazon AWS in.net. Presented by: Scott Reed scottr@develop.com

Amazon AWS in.net. Presented by: Scott Reed scottr@develop.com Amazon AWS in.net Presented by: Scott Reed scottr@develop.com Objectives Cloud Computing What Amazon provides Why Amazon Web Services? Q&A Instances Interacting with Instances Management Console Command

More information

Windows Azure platform What is in it for you? Dominick Baier (dbaier@develop.com) Christian Weyer (cweyer@develop.com

Windows Azure platform What is in it for you? Dominick Baier (dbaier@develop.com) Christian Weyer (cweyer@develop.com Windows Azure platform What is in it for you? Dominick Baier (dbaier@develop.com) Christian Weyer (cweyer@develop.com Objectives Motivation Status quo Cloud Computing Windows Azure platform Windows Azure

More information

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE

MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE WHITE PAPER MANAGED FILE TRANSFER: 10 STEPS TO HIPAA/HITECH COMPLIANCE 1. OVERVIEW Do you want to design a file transfer process that is secure? Or one that is compliant? Of course, the answer is both.

More information

Developing Microsoft Azure Solutions

Developing Microsoft Azure Solutions Course M20532 5 Day(s) 30:00 Hours Developing Microsoft Azure Solutions Audience The candidates targeted by this training have basic experience in implementing and monitoring Microsoft Azure solutions.

More information

Identity Implementation Guide

Identity Implementation Guide Identity Implementation Guide Version 35.0, Winter 16 @salesforcedocs Last updated: October 27, 2015 Copyright 2000 2015 salesforce.com, inc. All rights reserved. Salesforce is a registered trademark of

More information

Building Secure Cloud Applications. On the Microsoft Windows Azure platform

Building Secure Cloud Applications. On the Microsoft Windows Azure platform Building Secure Cloud Applications On the Microsoft Windows Azure platform Contents 1 Security and the cloud 3 1.1 General considerations 3 1.2 Questions to ask 3 2 The Windows Azure platform 4 2.1 Inside

More information

Xerox Mobile Print Cloud

Xerox Mobile Print Cloud September 2012 702P00860 Xerox Mobile Print Cloud Information Assurance Disclosure 2012 Xerox Corporation. All rights reserved. Xerox and Xerox and Design are trademarks of Xerox Corporation in the United

More information

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW

WHITE PAPER NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW INTRODUCTION As businesses adopt new technologies that touch or leverage critical company data, maintaining the highest level of security is their

More information

Fax User Guide 07/31/2014 USER GUIDE

Fax User Guide 07/31/2014 USER GUIDE Fax User Guide 07/31/2014 USER GUIDE Contents: Access Fusion Fax Service 3 Search Tab 3 View Tab 5 To E-mail From View Page 5 Send Tab 7 Recipient Info Section 7 Attachments Section 7 Preview Fax Section

More information

HOTPin Integration Guide: Google Apps with Active Directory Federated Services

HOTPin Integration Guide: Google Apps with Active Directory Federated Services HOTPin Integration Guide: Google Apps with Active Directory Federated Services Disclaimer Disclaimer of Warranties and Limitation of Liabilities All information contained in this document is provided 'as

More information

Working with Structured Data in Microsoft Office SharePoint Server 2007 (Part1): Configuring Single Sign On Service and Database

Working with Structured Data in Microsoft Office SharePoint Server 2007 (Part1): Configuring Single Sign On Service and Database Working with Structured Data in Microsoft Office SharePoint Server 2007 (Part1): Configuring Single Sign On Service and Database Applies to: Microsoft Office SharePoint Server 2007 Explore different options

More information

Connecting an Android to a FortiGate with SSL VPN

Connecting an Android to a FortiGate with SSL VPN Connecting an Android to a FortiGate with SSL VPN This recipe describes how to provide a group of remote Android users with secure, encrypted access to the network using FortiClient and SSL VPN. You must

More information

Google Apps Deployment Guide

Google Apps Deployment Guide CENTRIFY DEPLOYMENT GUIDE Google Apps Deployment Guide Abstract Centrify provides mobile device management and single sign-on services that you can trust and count on as a critical component of your corporate

More information

Implementing Microsoft Azure Infrastructure Solutions

Implementing Microsoft Azure Infrastructure Solutions Implementing Microsoft Azure Infrastructure Solutions Course M20533 5 Day(s) 30:00 Hours Introduction This course is aimed at experienced IT Professionals who currently administer their on -premise infrastructure.

More information

The Top 5 Federated Single Sign-On Scenarios

The Top 5 Federated Single Sign-On Scenarios The Top 5 Federated Single Sign-On Scenarios Table of Contents Executive Summary... 1 The Solution: Standards-Based Federation... 2 Service Provider Initiated SSO...3 Identity Provider Initiated SSO...3

More information