Comindware Data Security in Cloud
The cloud version of Comindware Tracker is hosted in an Amazon EC2 - based environment and thus leverages the Amazon’s measures, procedures and policies when it comes to the physical security of the datacenters and computers the data is hosted on. Put simply, we are using the best, most secure and properly managed physical infrastructure there is right now. For more information on the actual technologies and protocols being used please refer to this whitepaper: https://d1.awsstatic.com/whitepapers/aws-security-whitepaper.pdf
Software environment and operating systems:
Comindware Tracker product instances and databases are hosted on Windows-based virtual machines within the Amazon EC2 environment. Besides that being an efficient tool for ensuring service fault-tolerance and continuity (VMs will continue running even if underlying hardware fails), that also means that we share the OS-level security with Amazon. In other words, Amazon ensures the security of the cloud environment by patching the underlying software and operating systems, while Comindware is responsible for the in-VM operating systems and software. Here is the Amazon’s security bulletin where they publish all the patches and changes they apply: https://aws.amazon.com/security/security-bulletins/
Comindware follows the Microsoft’s recommendations for installing OS patches based on their severity, impact and other factors. We also keep the amount of non-default software and OS features on our servers to a minimum to negate the risks of security flaws.
Comindware cloud environment is hosted in a Virtual Private Cloud with extremely limited access points. Clients get access to their product instances and databases via a proxy server that ensures that only product-related web (http) traffic goes through. Comindware administrators have access to the environment via a protected, ACL-based, logged connection point, with connection attempts being audited on a regular basis.
Product security practices:
Comindware products are built with the modern data security mechanisms at their core and they make sure your data is accessible by the users it is intended for only. Comindware Tracker features a custom-made encrypted graph database which cannot be read without valid user authentication. It also makes sure no custom code can be run from within the product to access unauthorized data. Our development and Q&A processes include mandatory security tests and we also do independent penetration testing for both the product and the Amazon EC2 environment it is hosted on, for all major product releases.
Even after a user legitimately logs in, it is important that she or he has access to data relevant to her/his role only. Comindware Tracker features an advanced toolset that lets you configure who has access to what data, in detail.
Data in transit:
Comindware Tracker uses the HTTPS extension to secure data in transit and avoid man-in-themiddle attacks, out of the box.
Data at rest:
Comindware Tracker encrypts the database files to make sure they cannot be read without proper authentication. We also store each client’s database files on separate (virtual) hard drives as a best practice against code-injection attacks that may try to get access to your database via another product instance (and browsing for files on the same disk volume) but once again, Comindware Tracker itself is built to prevent such attacks in the first place.
In case something goes wrong with your data (mainly in case of a human mistake in workflow configuration that leads to data loss), we do daily backups of your database and store it using Amazon’s S3 storage. This means that you are covered even if everything goes wrong with your product instance for whatever reason and you need to restore your product database from scratch.
Internal data access policies:
We have both technical and policy-induced safeguards to make sure neither external people nor internal employees have access to customer data without proper allowance. Logging in to our clients’ database (e.g. to assist with workflow configuration or troubleshooting) always involves the clients explicitly creating user accounts for us. There is a limited number of people who can access product files in the cloud, via a monitored connection. Employees who actually have to work with client data (analysts, project managers) are all under contractual agreements to follow NDAs, and internal employee contracts.
Client data security is our top priority at Comindware and we work to make sure you can entrust your data to our products. Comindware has REDSPIN audits scheduled every 2 years for external security reviews. We are always open to taking it one step further so if you have some specific security requirements (e.g. per your company’s security policies), feel free to reach out to your Comindware representative to discuss the ways to achieve them.