Comindware Data Security in Cloud
The cloud version of CMW Tracker is hosted in an Amazon EC2 - based environment and thus leverages the Amazon’s measures, procedures and policies when it comes to the physical security of the data centers and servers the data is hosted on. Put simply, we are using the best, most secure and properly managed physical infrastructure there is right now. For more information on the actual technologies and protocols being used please refer to the Amazon's documentation portal: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts.html
The following article describes the specific physical security measures employed at Amazon EC2 data center locations: https://aws.amazon.com/compliance/data-center/controls/
Software environment and operating systems:
CMW Tracker product instances and databases are hosted on Windows-based virtual machines within the Amazon EC2 environment. Besides that being an efficient tool for ensuring service fault-tolerance and continuity (VMs will continue running even if underlying hardware fails), that also means that we share the OS-level security with Amazon. In other words, Amazon ensures the security of the cloud environment by patching the underlying software and operating systems, while Comindware is responsible for the in-VM operating systems and software. Here is the Amazon’s security bulletin where they publish all the patches and changes they apply: https://aws.amazon.com/security/security-bulletins/
By default, multiple product instances are hosted per VM; such product instances are each run in a separate application thread, with actual databases being stored on different virtual hard drives (Amazon EBS). This level of application and data separation is more than sufficient in most applications but Comindware also offers the option to host product instances on dedicated VMs (one per product instance) for additional security.
Comindware follows the Microsoft’s recommendations for installing OS patches based on their severity, impact and other factors. We also keep the amount of non-default software and OS features on our servers to a minimum to negate the risks of security flaws.
Comindware cloud environment is hosted in a Virtual Private Cloud with extremely limited access points. Clients get access to their product instances and databases via a proxy server that ensures that only product-related web (http) traffic goes through. The proxy servers are hosted in the same Amazon EC2 region with the product instances they route the network traffic to. Comindware administrators have access to the environment via a protected, ACL-based, logged connection point, with connection attempts being audited on a regular basis.
Product security practices:
Comindware products are built with the modern data security mechanisms at their core and they make sure your data is accessible by the users it is intended for only. CMW Tracker features a custom-made encrypted graph database which cannot be read without valid user authentication. It also makes sure no custom code can be run from within the product to access unauthorized data. Our development and Q&A processes include mandatory security tests and we also do independent penetration testing for both the product and the Amazon EC2 environment it is hosted on, for all major product releases.
Even after a user legitimately logs in, it is important that she or he has access to data relevant to her/his role only. CMW Tracker features an advanced toolset that lets you configure who has access to what data, in detail.
Data in transit:
CMW Tracker uses the HTTPS extension to secure data in transit and avoid man-in-themiddle attacks, out of the box.
Data at rest:
CMW Tracker encrypts the database files to make sure they cannot be read without proper authentication. We also store each client’s database files on separate (virtual) hard drives as a best practice against code-injection attacks that may try to get access to your database via another product instance (and browsing for files on the same disk volume) but once again, CMW Tracker itself is built to prevent such attacks in the first place.
In case something goes wrong with your data (mainly in case of a human mistake in workflow configuration that leads to data loss), we do daily backups of your database and store it using Amazon’s S3 storage. This means that you are covered even if everything goes wrong with your product instance for whatever reason and you need to restore your product database from scratch. Database backups are stored using Amazon S3 service in the same region with your product instance.
Internal data access policies:
We have both technical and policy-induced safeguards to make sure neither external people nor internal employees have access to customer data without proper allowance. Logging in to our clients’ database (e.g. to assist with workflow configuration or troubleshooting) always involves the clients explicitly creating user accounts for us. There is a limited number of people who can access product files in the cloud, via a monitored connection. Employees who actually have to work with client data (analysts, project managers) are all under contractual agreements to follow NDAs, and internal employee contracts.
Client data security is our top priority at Comindware and we work to make sure you can entrust your data to our products. Comindware has penetration testing audits scheduled every 2 years for external security reviews. We are always open to taking it one step further so if you have some specific security requirements (e.g. per your company’s security policies), feel free to reach out to your Comindware representative to discuss the ways to achieve them.