MicroStrategy Express: Security Framework

Transcription

1 MicroStrategy Express: Security Framework

2 I. Introduction... 2 II. Employing Best Practices... 2 Expertise... 2 Certifications and Compliance... 2 III. Application, Platform, and Physical Security... 3 Application Security... 4 Platform Security... 5 System Security... 6 Physical Security and Protection... 6 IV. Operational Readiness... 7 Risk Management Framework... 7 Information Security Program... 7 System Serveillance... 7 Incident Management... 7 Communication Plan... 8 V. Redundancy... 8 VI. Contingency Planning... 8 System Recovery... 8 Data Recovery... 9 VII. Conclusion... 9

3 I. Introduction Many organizations have legitimate concerns about the privacy and security of their data in the cloud. MicroStrategy understands this, and protecting its customers data is of paramount importance. Threats to data security can come in many forms, including cyber-attacks, on-site tampering, as well as destruction due to acts of nature. These threats exist whether an organization manages its own data or entrusts it to an organization like MicroStrategy. Protecting data against a wide array of highly complex and insidious dangers is not easy. That is why MicroStrategy Cloud has assembled a dedicated services team and charged them with putting in place stringent security measures, based on industry best practices. MicroStrategy s goal is to ensure its customers data is as safe and secure as possible in the MicroStrategy Cloud environment. Moreover, MicroStrategy continues to invest and innovate to stay ahead of the evolving threats to data security. MicroStrategy employs a multi-pronged strategy to securing systems and data. First, MicroStrategy ensures that the Cloud environment meets or exceeds industry best practices by investing in expertise and staying compliant with the many industry standards and frameworks. Second, MicroStrategy has put in place a wide array of counter-measures to ensure application, platform, and physical security. Third, MicroStrategy uses independent, third-party audit services and uses internal monitoring and alerting systems to neutralize any threats. Finally, MicroStrategy ensures high availability through the use of redundancy and reliable backup procedures. Table 1 on the next page provides a summary of MicroStrategy s multi-pronged strategy as well as specific tactics. With Express, individuals now have access to MicroStrategy s award-winning business intelligence directly, without need of a planned data model, or a large infrastructure. Instead, users are given only a subset of functionality that is most relevant to their direct needs. This, coupled with MicroStrategy s focus on data privacy and security, gives nontechnical business users the ability to deliver high-performance and secure applications with ease. II. Employing Best Practices Expertise In order to keep pace with cyber security threats, MicroStrategy employs a highly qualified team of security experts to develop a security program around adaptive defense. Further, since inception, MicroStrategy has been built with the philosophy of bringing together the best, brightest, and most experienced engineers and computer scientists. The Express team is no exception. This group of highly experienced software, BI, network, storage, and security engineers have put in place industry tried-and-tested security countermeasures and processes to safeguard data throughout the cloud environment. Certifications and Compliance Express servers are hosted in an SSAE 16 compliant facility. 2

4 Table 1. Overview of MicroStrategy Cloud Security Strategies Strategy Detail Best Practice Expertise and Investment Customers leverage MicroStrategy s significant investment in securing the cloud environment using best practices. Cyber and Physical Security Application Security User, project and object level authentication Enables enforcement of strong password protection and management Secure date transmission Platform Security Physical Security Operational Readiness System Audits Perimeter firewalls Intrusion detection process in place Multi-tier architecture Support for secure connectivity (SSL, VPN, and others) IP obfuscation and Encrypted communication SSAE-16 Type II compliant hosting facility 24x7 security including video surveillance Biometric access to locked cages Redundant, fault-tolerant designs Network Operation Centers (NOC) that operate 24x7 and have global reach Independent audits of security controls Internal reviews to assess conformance to the information security policy Monitoring, Alerting, and Reporting Continuous monitoring of logs, alerts, and notifications Well defined incident management, escalation process, and communication plan Redundancy and Disaster Recovery Capability Redundancy Redundant infrastructure, including servers and network components Redundant operating environments (VMs) Disaster Recovery Capability Data and system recovery processes support disaster recovery plan III. Application, Platform, and Physical Security There are at least three areas of vulnerability that any public facing computing platform must protect. First, at the application layer, the system must be able to thwart any unauthorized attempt to access data. Second, at the platform layer, the underlying architecture and control mechanisms should ensure the integrity and security of the data. Third, at the physical layer, sufficient obstacles must be put in place to make it difficult for any unauthorized persons to access the systems directly. Any security counter measures that are put in place must, at a minimum, 3

5 protect these three areas of vulnerability. This section describes the details of how application, platform, and physical security are applied to Express APPLICATION SECURITY Overview A successful application security implementation uses a multi-layered approach to role-based authentication control (RBAC). This ensures only authorized users are able to access the system and users are only able to view or update data they are authorized to see. Express offers both standard username and password authentication, and integration with Usher, a MicroStrategy application which provides full digital validation of identity. Once a user gains access to Express, their access is restricted only to objects and data leveraged by those objects which they have been granted access to. As Express does not work off of an object based model, connections to the data itself are not reusable. Authentication Modes Express offers authentication via both MicroStrategy-Based Authentication, and through the Usher Application Server (part of the Usher Mobile Identity Network) from MicroStrategy ( The former follows industry standard authentication authority to process username and password to grant access. The latter uses a digital authentication application, which allows a user to prove their identity with hardware (i.e. an ios or Android device) rather than a username and password. Object Security By default, no dashboard can be seen by any user other than its creator. In order to grant access to a dashboard, a creator must choose to share the dashboard or application, and specifically add users to the access list. At this point, only if the user has a valid Express subscription, will they be allowed to access the dashboard. The permission to access the dashboard can be removed from any user at any time within the same mechanism. The removal of permissions will be instantaneous. In addition, row level security can be granted through the personalization process. At the level of each individual dashboard access can be restricted to specific data elements, thereby allowing the user access only to the rows that are relevant to him or her. This row level security is applied whether the user accesses the data interactively, via delivery, or any other method. Data Security The MicroStrategy In-Memory Cubes underlying each Express dashboard are accessible only to that specific dashboard. This insures that no other user on the system can gain access to the data stored within the In-Memory Cube. The Cubes themselves are secured in a number of other ways, as well, including both the MicroStrategy encryption technology and the MicroStrategy Cloud Infrastructure outlined separately within this document. Data Transmission For all flat file data imported into Express, the data is transferred via HTTPS. This is also true, by default for Database data. Any data replicated into Express In-Memory Cubes is persisted into a proprietary format cache file, which is stored with a RIPEMD-160 encryption. This ensures multiple levels of security for all data. 4

6 Express Delivery Dashboards do not utilize the MicroStrategy In-Memory Cube approach, and so in the case of a delivery dashboard, there is no data stored within the Express servers. Data is brought into memory briefly to create the s, and then discarded immediately after delivery. Where possible, connections to standard cloud sources such as Salesforce.com utilize industry standard protocols, such as oauth, to ensure that MicroStrategy does not store credential information for these data providers. VPN Option In the case that HTTPS level security is insufficient for user security needs, or it is required to connect to a database which is not accessible via the internet, it is also possible to establish a VPN connection between the user environment and the MicroStrategy Cloud servers which host Express. Our IPsec VPN creates a point to point connection, and allows the user to specify the IP addresses of the Database servers they wish to connect to the servers hosting their Express Teams. It s also possible to restrict access down to the port level. This virtual network provides the user with the same functionality, security and management policies of a full local network. Session Management Express closes all sessions after 30 minutes of inactivity. This ensures that even if the user leaves their computer accessible, data will not be exposed via an orphan session. Strong Password Standard MicroStrategy strictly enforces strong password standards for all MicroStrategy user accounts. Requiring minimum password length and complexity makes Express user accounts less susceptible to hacking. Passwords must have a minimum of eight characters and contain at least one of the following special #, $, %, ^, &, +, =. PLATFORM Security Network Architecture MicroStrategy Cloud is implemented using a high-performance, multi-tier, scalable web architecture that inherently provides a wide range of security features. The system is comprised of four logical layers, namely, the user, web server, application, and data access layers. The network is characterized by secure external connectivity, secure intranetwork communication, secure data transfer via HTTPS or VPN, and stringent port controls. Perimeter firewalls are used to isolate internal sub-systems from internet traffic. These firewalls are configured to prevent communication on any unnecessary ports. This reduces the network s susceptibility to port-scanning," a tactic often employed by hackers to find active ports and exploit known vulnerabilities. In addition, any remote server calls (e.g., RPC, RMI) are strictly prohibited on any MicroStrategy Cloud servers hosting Express. 5

7 A multi-tier architecture ensures isolation of application and database components. system security Restrictive permissions to files, services, and system settings are applied to all MicroStrategy servers. Access Control Lists (ACLs) are used to limit access. All unnecessary operating system services are removed or disabled before system deployment in the MicroStrategy Cloud Infrastructure. All users are required to authenticate using a unique username and password to access any MicroStrategy Cloud server. An up-to-date antivirus scanner is installed on all MicroStrategy Cloud computers and vulnerability scans are conducted on all computing equipment regularly. Security and other important patches provided by equipment vendors are routinely reviewed and applied by MicroStrategy Information Systems professionals. All virtual machines deployed in the MicroStrategy Cloud Infrastructure are governed by the same system security practices of physical machines. physical security and protection MicroStrategy Cloud servers are housed exclusively in SSAE16 Type II compliant hosting environments. This means that physical access to the servers on which customer data resides is highly restricted. Moreover, the facilities are constructed to prevent damage caused by deliberate acts of vandalism or that caused by acts of nature. Below is a list of security features found at MicroStrategy Cloud s data centers. ACCESS CONTROL AT HOSTING FACILITIES 24-hour manned security, including foot patrols and perimeter inspections Biometric scanning for access Dedicated concrete-walled Data Center rooms Computing equipment in access-controlled steel cages Video surveillance throughout facility and perimeter Building engineered for local seismic, storm, and flood risks Tracking of asset removal FACILITY ENVIRONMENTAL CONTROLS Humidity and temperature control Redundant (N+1) cooling system 6

8 POWER Underground utility power feed Redundant (N+1) CPS/UPS systems Redundant power distribution units (PDUs) Redundant (N+1) diesel generators with on-site diesel fuel storage NETWORK Concrete vaults for fiber entry Redundant internal networks Network neutral; connects to all major carriers and located near major Internet hubs High bandwidth capacity FIRE DETECTION AND SUPPRESSION VESDA (very early smoke detection apparatus) Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression IV. Operational Readiness RISK MANAGEMENT FRAMEWORK MicroStrategy leverages internal risk management and audit functions to provide independent assessments of risk as part of an on-going cycle of audit. Third party auditors are leveraged to provide a final assessment of the control framework and to ensure MicroStrategy is executing controls as documented. information security program MicroStrategy Cloud Security teams maintain the security policy, provides security training to employees, and performs application security reviews. These reviews assess the confidentiality, integrity, and availability of data, as well as conformance to the information security policy. system serveillance MicroStrategy s Information Security teams monitor logs, alerts, and notifications from a variety of systems in order to proactively detect and manage threats. In addition, software agents are deployed across all tiers of the MicroStrategy Cloud framework to monitor hardware, storage, networking, virtualization, operating system, and application, providing real-time visibility into the environment. incident management In the event of a triggered alert, the alert is triaged and the appropriate issue resolution process is initiated. The objective of this process is to highlight and identify the appropriate level of resources and expertise to isolate and neutralize any threats. The process has a well-defined escalation path and communication plan. It also calls for a postmortem of any significant alerts in order to prevent repeat incidents by identifying, and then subsequently rectifying, any gaps in existing controls. 7

9 communication plan In compliance with federal, state, or foreign law (as applicable), MicroStrategy has implemented processes to provide notification to customers of lost or compromised data based on the severity of the security threat and the results of any individual attack. V. Redundancy MicroStrategy Cloud s infrastructure is architected with redundancy in mind. A variety of backup mechanisms and failover processes help contribute to MicroStrategy Cloud s uptime SLA. This protects against a number of different potential causes of disruption including power outages, loss of Internet connection, as well as hardware failure. The MicroStrategy Cloud has dual, independent 10GB connections to the Internet backbone. Each line is brought in from a different carrier. In the event that there is disruption to one carrier s service, the additional connection will remain live. Hardware redundancy is also key to providing uninterrupted service. The cloud infrastructure is designed with redundant load balancers, firewalls as well as physical servers. While typically the mean time-to-failure for such devices is quite long, any of these components are subject to breakdown. Automatic failover mechanisms are also built into the MicroStrategy Cloud infrastructure for these hardware devices. The system would automatically recognize any disabled device and direct traffic to only the remaining functioning hardware. As noted earlier, Express runs within the MicroStrategy Cloud infrastructure in virtual machines. These VMs provide self-contained operating environments that enable a highly effective redundancy strategy. Redundant VMs are deployed across different physical servers. Should one of the VMs fail, the system would continue to operate using the backup VM. Similarly, in the event of physical server failure, the system would still continue to operate using the backup VMs on the backup servers. In any situation involving a component failure, an alert is automatically generated and distributed to the MicroStrategy Cloud Operations team. At that point, the incidence management process would kick in and steps would be taken to remediate the problems. VI. Contingency Planning system recovery System reconstruction in the event of a disaster requires MicroStrategy s teams to be able to restore the hardware and software infrastructure to its original state. To support this, MicroStrategy has established and documented processes to re-create the base operating environment. This includes both the hardware and system software components. MicroStrategy s use of VMs to run customer specific software, then enables its engineers to very easily restore the application software to the last known state. 8

10 data recovery MicroStrategy backup policies and procedures are designed to ensure limited downtime to the customer should an unforeseen incident occur that impacts the quality or availability of customer data. MicroStrategy will make use of off-site backups to support disaster recovery. MicroStrategy Cloud Services will perform a scheduled backup on a nightly basis of the following: MicroStrategy environment including metadata Customer access control lists Virtual environment parameters and settings Applicable audit logs This backup is persisted in a storage device located in the MicroStrategy Cloud data center and is subject to the same physical security as other MicroStrategy Cloud infrastructure. These backups are retained for a period of 30 days, at which point they are permanently deleted. These backup procedures are designed as part of an overall effort to support customers disaster recovery plans. VII. Conclusion Express gives control over data to individuals, providing a rapidly deployment process for reporting, at low cost, in the cloud. As the purpose of Express is making life easier for the business user in need of reporting, security has been a critical concern. Express is built on top of the MicroStrategy Cloud which has been architected from the ground up to include a wide range of countermeasures to protect the data it houses. The security controls in place map to many of the common frameworks and standards including SOC 2 Type I and II, ISO27001, PCI, HIPAA, and others. Protecting the data of each individual who uses Express is of paramount importance for MicroStrategy. MicroStrategy Cloud s infrastructure is designed to provide a high degree of data security. Moreover, MicroStrategy continues to invest and innovate to stay ahead of the evolving cyber-security threats. This allows customers to leverage and rely on the MicroStrategy Cloud security infrastructure and focus their efforts, instead, on analyzing data to solve business problems. 9

11 Copyright Information All Contents Copyright 2013 MicroStrategy Incorporated. All Rights Reserved. Trademark Information MicroStrategy, MicroStrategy 6, MicroStrategy 7, MicroStrategy 7i, MicroStrategy 7i Evaluation Edition, MicroStrategy 7i Olap Services, MicroStrategy 8, MicroStrategy 9, MicroStrategy Distribution Services, MicroStrategy MultiSource Option, MicroStrategy Command Manager, MicroStrategy Enterprise Manager, MicroStrategy Object Manager, MicroStrategy Reporting Suite, MicroStrategy Power User, MicroStrategy Analyst, MicroStrategy Consumer, MicroStrategy Delivery, MicroStrategy BI Author, MicroStrategy BI Modeler, MicroStrategy Evaluation Edition, MicroStrategy Administrator, MicroStrategy Agent, MicroStrategy Architect, MicroStrategy BI Developer Kit, MicroStrategy Broadcast Server, MicroStrategy Broadcaster, MicroStrategy Broadcaster Server, MicroStrategy Business Intelligence Platform, MicroStrategy Consulting, MicroStrategy CRM Applications, MicroStrategy Customer Analyzer, MicroStrategy Desktop, MicroStrategy Desktop Analyst, MicroStrategy Desktop Designer, MicroStrategy ecrm 7, MicroStrategy Education, MicroStrategy etrainer, MicroStrategy Executive, MicroStrategy Infocenter, MicroStrategy Intelligence Server, MicroStrategy Intelligence Server Universal Edition, MicroStrategy MDX Adapter, MicroStrategy Narrowcast Server, MicroStrategy Objects, MicroStrategy OLAP Provider, MicroStrategy SDK, MicroStrategy Support, MicroStrategy Telecaster, MicroStrategy Transactor, MicroStrategy Web, MicroStrategy Web Business Analyzer, MicroStrategy World, Application Development and Sophisticated Analysis, Best In Business Intelligence, Centralized Application Management, Information Like Water, Intelligence Through Every Phone, Intelligence To Every Decision Maker, Intelligent E-Business, Personalized Intelligence Portal, Query Tone, Rapid Application Development, MicroStrategy Intelligent Cubes, The Foundation For Intelligent E-Business, The Integrated Business Intelligence Platform Built For The Enterprise, The Platform For Intelligent E-Business, The Scalable Business Intelligence Platform Built For The Internet, Office Intelligence, MicroStrategy Office, MicroStrategy Report Services, MicroStrategy Web MMT, MicroStrategy Web Services, Pixel Perfect, Pixel-Perfect, MicroStrategy Mobile, MicroStrategy Integrity Manager and MicroStrategy Data Mining Services are all registered trademarks or trademarks of MicroStrategy Incorporated. All other company and product names may be trademarks of the respective companies with which they are associated. Specifications subject to change without notice. MicroStrategy is not responsible for errors or omissions. MicroStrategy makes no warranties or commitments concerning the availability of future products or versions that may be planned or under development. Patent Information This product is patented. One or more of the following patents may apply to the product sold herein: U.S. Patent Nos. 6,154,766, 6,173,310, 6,260,050, 6,263,051, 6,269,393, 6,279,033, 6,567,796, 6,587,547, 6,606,596, 6,658,093, 6,658,432, 6,662,195, 6,671,715, 6,691,100, 6,694,316, 6,697,808, 6,704,723, 6,741,980, 6,765,997, 6,768,788, 6,772,137, 6,788,768, 6,798,867, 6,801,910, 6,820,073, 6,829,334, 6,836,537, 6,850,603, 6,859,798, 6,873,693, 6,885,734, 6,940,953, 6,964,012, 6,977,992, 6,996,568, 6,996,569, 7,003,512, 7,010,518, 7,016,480, 7,020,251, 7,039,165, 7,082,422, 7,113,993, 7,127,403, 7,174,349, 7,181,417, 7,194,457, 7,197,461, 7,228,303, 7,260,577, 7,266,181, 7,272,212, 7,302,639, 7,324,942, 7,330,847, 7,340,040, 7,356,758, 7,356,840, 7,415,438, 7,428,302, 7,430,562, 7,440,898, 7,486,780, 7,509,671, 7,516,181, 7,559,048, 7,574,376, 7,617,201, 7,725,811, 7,801,967, 7,836,178, 7,861,161, 7,861,253, 7,881,443, 7,925,616, 7,945,584, 7,970,782, 8,005,870, 8,051,168, 8,051,369, 8,094,788, 8,130,918 and 8,296,287. Other patent applications are pending. MicroStrategy Incorporated 1850 Towers Crescent Plaza Tysons Corner, VA COLL