Skip to Content

Changes for page eMagiz Security Guide

Last modified by Waria on 2026/06/04 13:44
From version 13.1
edited by marijn
on 2022/06/13 09:34
Change comment: There is no comment for this version
To version 52.1
edited by Waria
on 2026/06/04 13:30
Change comment: There is no comment for this version

Summary

Details

Page properties
Title
... ... @@ -1,0 +1,1 @@
1 +eMagiz Security Guide
Parent
... ... @@ -1,0 +1,1 @@
1 +WebHome
Author
... ... @@ -1,1 +1,1 @@
1 -XWiki.marijn
1 +XWiki.waria
Content
... ... @@ -1,19 +1,8 @@
1 -{{html wiki="true"}}
2 -<div class="ez-academy">
3 - <div class="ez-academy_body">
4 -<div class="doc">
5 -
1 +{{container}}{{container layoutStyle="columns"}}(((
2 +In this fundamental, we will delve into the security perspective of the eMagiz landscape. We'll explore the cloud setup, data protection, and more to understand the role security plays in each part of the eMagiz architecture. Let's dive in!
6 6  
7 -
8 -= eMagiz Security Guide =
9 -
10 -In this fundamental, we will zoom in on how the various parts of the eMagiz landscape can be viewed from a Security perspective. We will look at the Cloud, on-premises, data within eMagiz, external communication, and the portal during our journey. After this journey, you should have a solid understanding of what role security plays in each of the parts of the eMagiz architecture. Note that protecting your data is a joint responsibility between eMagiz and you. This fundamental aims to clarify the security measures eMagiz has taken in the eMagiz platform. This way, you can assess the eventual additional steps you need to take to ensure that the eMagiz service cooperates securely with the rest of your application and integration landscape.
11 -
12 12  Should you have any questions, please get in touch with academy@emagiz.com.
13 13  
14 -* Last update: February 17th, 2022
15 -* Required reading time: 15 minutes
16 -
17 17  == 1. Prerequisites ==
18 18  
19 19  * Some context on cloud functionality will be helpful.
... ... @@ -21,37 +21,41 @@
21 21  == 2. Key concepts ==
22 22  
23 23  * Protecting your data is a joint responsibility between eMagiz and you
24 -* The repository is read-only for clients
13 +* The registry containing deployable flows is read-only for clients
25 25  * Data in the Cloud is kept within your VPC
26 -* Production data in the portal is behind an MFA check
15 +* The portal is behind an MFA check
27 27  
28 -
29 -
30 30  == 3. eMagiz Security Guide ==
31 31  
32 -In this fundamental, we will zoom in on how the various parts of the eMagiz landscape can be viewed from a Security perspective. We will look at the Cloud, on-premises, data within eMagiz, external communication, and the portal during our journey. After this journey, you should have a solid understanding of what role security plays in each of the parts of the eMagiz architecture. Note that protecting your data is a joint responsibility between eMagiz and you. This fundamental aims to clarify the security measures eMagiz has taken in the eMagiz platform. This way, you can assess the eventual additional steps you need to take to ensure that the eMagiz service cooperates securely with the rest of your application and integration landscape.
19 +In this fundamental, we will zoom in on how the various parts of the eMagiz landscape can be viewed from a Security perspective. We will look at the Cloud, on-premises, data within eMagiz, external communication, and the portal during our journey. After this journey, you should have a solid understanding of what role security plays in each of the parts of the eMagiz architecture. Note that protecting your data is a joint responsibility between eMagiz and you. This fundamental aims at clarifying the security measures eMagiz has taken in the eMagiz platform. This way, you can assess the eventual additional steps you need to take to ensure that the eMagiz service cooperates securely with the rest of your application and integration landscape.
33 33  
34 34  === 3.1 Architectural setup eMagiz ===
35 35  
36 36  eMagiz consists of various components communicating to develop the process layer and subsequently run the message layer as secure and stable as possible for our customers.
37 37  
38 -1. In the eMagiz integration project, various flows are created that work together to realize the integration. The different types are shown on the top of the picture below: Entry, Exits, Offramps, onramps, and routing flows.
39 -2. These flows are then deployed together with a specific build number (contains framework components to make these flows work) into a runtime (java based application container).
25 +
26 +1. In the eMagiz integration project, various flows are created that work together to realize the integration. The different types are shown on the top of the picture below.
27 +2. Your customized flows are combined with a base image (which contains framework components to make the flows work) and are deployed into a runtime (java-based application container).
40 40  3. These runtimes run on Cloud machines that contain Cloud templates (all required components to make the Cloud machine operational such as OS, Java runtime version, and more).
41 41  
42 -The top part of the picture depicts the eMagiz repository. All relevant (open-source) libraries needed to run flows on a connector are stored within this repository.
43 43  
44 -To prevent unauthorized access to this repository, the following measures have been taken
45 45  
46 -* Client runtimes can access the repository via a username/password combination through a one-way SSL connection (encrypted) and read the contents of the repository
47 -* eMagiz developers that need to upload bundles can access the repository through a one-way SSL connection (encrypted)
48 -* A bitbucket pipeline will be created soon to enable automatic updates. This data pipeline will also need a unique username/password combination along with the fact that the connection itself is a one-way SSL connection (encrypted)
49 -* The repository is read-only for clients. This means that even if someone gets their hands on a username/password combination, they do not have sufficient rights to alter anything in the repository. They can only read the data that is kept in the repository.
32 +Your flows are stored within a registry so deployments can be managed efficiently. To prevent unauthorized access to this repository, the following measures have been taken:
50 50  
51 -<p align="center">[[image:fundamental-emagiz-security-guide--definition-emagiz-model.png||]]</p>
52 52  
53 -=== 3.2 Security Guidelines * Cloud ===
35 +* Deploy agents can access the registry and can read the contents belonging to your eMagiz integration project only.
36 +* Client runtimes can read specific flows within the registry as provided by the deploy agent to deploy the flows
37 +* When running your eMagiz integration project in the cloud, security during communication between eMagiz and the registry is taken care of by the eMagiz cloud.
38 +* When running your eMagiz integration project on-premises, you will have to make sure that your server is running Docker and the eMagiz deploy agent so the server can access the registry successfully and securely. For more information on this look here: [[eMagiz Deploy Agent>>doc:Main.eMagiz Academy.Microlearnings.Intermediate Level.eMagiz Runtime Management.intermediate-runtime-management-deploy-agent.WebHome||target="blank"]]
39 +* A bitbucket pipeline can access the registry to update the provided base image that is needed to run all your flows. This pipeline cannot access your flows, only the libraries used to build your flows.
40 +* Connections to the registry are always one-way SSL (encrypted) and all access is secured with a unique username/password combination.
41 +* As mentioned above, the registry is read-only for agents and client runtimes. This means that even if someone gets their hands on a username/password combination, they do not have sufficient rights to alter anything in the registry. They can only read the data that is kept in the registry.
54 54  
43 +
44 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--emagiz-architecture.png]]
45 +
46 +=== 3.2 Security Guidelines - Cloud ===
47 +
55 55  In this section, we take a closer look at the cloud setup in general. Here we will focus on high-level security measurements because we already specified security measurements at the data level.
56 56  
57 57  ==== 3.2.1 Cloud setup ====
... ... @@ -59,7 +59,7 @@
59 59  The picture below shows a standard double-lane setup of an eMagiz instance within the eMagiz Cloud. A single-lane design looks similar but only consists of one core machine.
60 60  This gives insight into how messages flow through the Cloud, which measures are taken for monitoring and auto-healing, and where data is temporarily stored 'in transit.'
61 61  
62 -<p align="center">[[image:fundamental-emagiz-cloud-inner-workings--customer-level-overview-double-lane.png||]]</p>
55 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-cloud-inner-workings--customer-level-overview-double-lane.png]]
63 63  
64 64  We want to use this picture to explain specific components within the Cloud from a security perspective. We will start at the outside and work our way inwards.
65 65  
... ... @@ -86,7 +86,7 @@
86 86  * Monitoring
87 87  * Notification options
88 88  
89 -Making sure you are on the latest cloud template version guards yourself against vulnerabilities in older versions of Java and OS, for example. In addition, it gives the user more options for monitoring the health of the cloud environment reducing the risk of a loss of availability of data (promptly) without compromising the integrity of the data. For more information on what cloud templates are and how to control and update them, please check out this [microlearning](../microlearning/novice-emagiz-cloud-management-cloud-templates-explained.md).
82 +Making sure you are on the latest cloud template version guards yourself against vulnerabilities in older versions of Java and OS, for example. In addition, it gives the user more options for monitoring the health of the cloud environment reducing the risk of a loss of availability of data (promptly) without compromising the integrity of the data. For more information on what cloud templates are and how to control and update them, please check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Novice.eMagiz Cloud Management.novice-emagiz-cloud-management-cloud-templates-explained||target="blank"]].
90 90  
91 91  ==== 3.2.5 Carwash ====
92 92  
... ... @@ -111,26 +111,16 @@
111 111  
112 112  ===== 3.3.1.1 Rights for installing =====
113 113  
114 -To install a runtime on-premises, you need sufficient rights to execute (batch) programs. This means that the user needs administrator rights on that specific machine to perform the runtime installation correctly.
107 +To run your runtimes on-premises, Docker and the eMagiz deploy agent need to be installed and updated when required. On Windows machines, you will need administrator rights to perform these actions. On Linux machines, you need at least sudo privileges for these actions.
115 115  
116 -===== 3.3.1.2 Rights for running =====
117 -
118 -In Windows, a service account is needed to run a Windows Service (in this case, the runtime you have installed). This service account is different compared to the user that does the installing of the runtime.
119 -There are two options on this level:
120 -
121 -* Use the local system account. This account has sufficient rights to run the service and can therefore be used for everything: less work to configure, more impact on data integrity when the account gets compromised.
122 -* Use a specific service account per runtime, limiting the power of users to a particular runtime making you less vulnerable if this account gets compromised.
123 -
124 -In Linux, the service will be running under the local system account as per default.
125 -
126 126  ==== 3.3.2 Cloud ====
127 127  
128 -In the eMagiz Cloud, the access is restricted to those who have a legitimate reason to access it based on the SLA level agreements between customers and eMagiz. This means support engineers, consignment employees, and your model owner have access to your specific cloud setup.
111 +In the eMagiz Cloud, access is restricted to those who have a legitimate reason to access it based on the SLA level agreements between customers and eMagiz. This means support engineers, consignment employees, and your model owner have access to your specific cloud setup.
129 129  This access is, per role, furthermore limited. This means that consignment employees and model owners can only see the logging of the runtimes on the machine and the ability to start/stop machines.
130 130  
131 131  Support engineers can see more to analyze problems on a lower level.
132 132  
133 -All other users don't have access to the cloud setup as there is no need for access because they can perform the relevant actions on the Cloud via the eMagiz portal. For more information on how please see the [eMagiz Cloud Management](../microlearning/novice-emagiz-cloud-management-index) course.
116 +All other users don't have access to the cloud setup as there is no need for access because they can perform the relevant actions on the Cloud via the eMagiz portal. For more information on how please see the [[eMagiz Cloud Management>>doc:Main.eMagiz Academy.Microlearnings.Novice.eMagiz Cloud Management.WebHome||target="blank"]] course.
134 134  
135 135  ===== 3.3.2.1 Rights for installing =====
136 136  
... ... @@ -138,7 +138,7 @@
138 138  
139 139  ===== 3.3.2.2 Rights for running =====
140 140  
141 -The VPC in the Cloud runs on a Linux environment. Therefore the same logic applies as specified above for Linux systems. For example, in Linux, the service will run under the local system account as default.
124 +The VPC in the Cloud runs on a Linux environment. Therefore, the same logic applies as specified above for Linux systems. For example, in Linux, the service will run under the local system account as default.
142 142  
143 143  === 3.4 Data encryption during transport ===
144 144  
... ... @@ -148,7 +148,7 @@
148 148  
149 149  Let us first look at the data "in transit." This is the process phase where data is interchanged between flows within the eMagiz platform. This data interchange goes (i.e., from entry to onramp or offramp to exit) via the orchestration of the JMS server on the messaging layer. This is nicely shown in the picture below.
150 150  
151 -<p align="center">[[image:fundamental-emagiz-security-guide--data-orchestration.png||]]</p>
134 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--data-orchestration.png]]
152 152  
153 153  Data "in transit" is temporarily stored on an encrypted filesystem with the help of encryption algorithms.
154 154  For the Cloud, eMagiz uses the AES-256 encryption algorithm.
... ... @@ -187,28 +187,19 @@
187 187  
188 188  ==== 3.5.2 API Gateway ====
189 189  
190 -A structure with roles and rights per role can be specified within the portal or via an external IDP to secure the front end of the API Gateway in eMagiz.
173 +A structure with roles and rights per role can be specified within the portal or via an external IDP to secure the front end of the API Gateway in eMagiz. For the backend of the API Gateway, the same logic applies as stated above for messaging, which means that eMagiz supports the industry standard. Therefore, you as a user should confer with the external party about the correct method.
191 191  
192 192  ===== 3.5.2.1 Portal =====
193 193  
194 194  As you can see in the picture shown below, the roles are defined so that the Read role can only access two integrations available for this specific API Gateway. If a client has insufficient rights, they will receive a 401 Unauthorized
195 195  
196 -<p align="center">[[image:fundamental-emagiz-security-guide--api-gateway-portal-feedback.png||]]</p>
179 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--api-gateway-portal-feedback.png]]
197 197  
198 -===== 3.5.2.2 External IDP =====
199 -
200 -Apart from configuring the roles, users, and rights within the portal itself, it is also possible to hook the API Gateway up to an external IDP.
201 -By communicating with this IDP via the OAuth2.0 protocol, a check is done every time a client calls a specific operation to see whether that client has sufficient rights to access the operation.
202 -If the client has sufficient rights, the process continues. For example, if the client has insufficient rights, the client receives a 401 Unauthorized.
203 -
204 -For the backend of the API Gateway, the same logic applies as stated above for messaging, which means that eMagiz supports the industry standard. Therefore, you as a user should confer with the external party about the correct method.
205 -
206 206  ===== 3.5.2.3 Error handling =====
207 207  
208 208  To prevent the error message if it occurs is sent straight back to the client, you can configure the front end of the API Gateway, so that correct HTTP Status codes are given back to the client, including a descriptive message.
209 209  
210 -For more information on how this precisely can be configured via the eMagiz platform, please check the following [microlearning](../microlearning/crashcourse-api-gateway-configure-roles-and-users.md)
211 -
185 +For more information on how this precisely can be configured via the eMagiz platform, please check the following [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.crashcourse-api-gateway-configure-roles-and-users||target="blank"]].
212 212  ==== 3.5.3 Event Streaming ====
213 213  
214 214  Within the Event Streaming solution, eMagiz provides Event Streaming users, and topics can be created.
... ... @@ -216,12 +216,13 @@
216 216  
217 217  Only users with sufficient rights in the Deploy phase of eMagiz can add users, topics and change the ACL entries specific to the Event Streaming cluster.
218 218  
219 -Apart from producing or consuming on specific topics based on the ACL, users also need to have a valid Keystore (containing the key and cert generated automatically) and a valid truststore (containing the CA certificate of the event streaming cluster) to produce or consume data.
193 +Apart from producing on or consuming specific topics based on the ACL, users need to authenticate themselves on the Event Streaming cluster using 2-way SSL. For this they need a client certificate (also known as a keystore) and the trusted server certificate (also known as truststore).
220 220  
221 221  These are all security measures to prevent third parties from getting unauthorized access to the data stored on the topics.
222 222  
223 -For more information on how this precisely can be configured via the eMagiz platform, please check the following [microlearning](../microlearning/crashcourse-eventstreaming-user-management.md)
197 +For more information on how this precisely can be configured via the eMagiz platform, please check the following [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.crashcourse-eventstreaming-user-management||target="blank"]].
224 224  
199 +
225 225  === 3.6 eMagiz iPaaS Portal ===
226 226  
227 227  The eMagiz portal provides access to users to manage their eMagiz integration configurations. It provides access to all the features to develop, deploy and manage integrations across Test, Acceptance, and Production environments.
... ... @@ -230,8 +230,8 @@
230 230  
231 231  ===== 3.6.1.1 User access to https://my.emagiz.com =====
232 232  
233 -Users can be added with their email address by the eMagiz Partner Manager, upon which the user gets an email to sign in. A temporary password is created and emailed, which has to be changed at the first login to the iPaaS portal. In addition, users are connected to organizations in eMagiz.
234 -In the administration section of the user, an MFA token can be used to enable the Multifactor Authentication on a user level. Typical authenticators on a smartphone can be used, such as Google Authenticator. An MFA response is required for model owners to manage the permissions on a project level and any Edit activity in Production environments. See the following sections for more details on these functions.
208 +Users can be added with their email address by the eMagiz Partner Manager or by their company contact, upon which the user gets an email to sign in. A temporary password is created and emailed, which has to be changed at the first login to the iPaaS portal. In addition, users are connected to organizations in eMagiz.
209 +In the administration section of the user, upon first login an MFA configuration needs to be executed by the user so they can access models to which they have been granted rights. Typical authenticators on a smartphone can be used, such as Google Authenticator. For more information, check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-security-add-mfa.WebHome||target="blank"]]. An MFA response is required for model owners to manage the permissions on a model level. See the following sections for more details on these functions.
235 235  
236 236  ===== 3.6.1.2 Users access to Integration Projects =====
237 237  
... ... @@ -239,7 +239,7 @@
239 239  
240 240  ===== 3.6.1.3 User authorizations to Integration projects. =====
241 241  
242 -Every integration project has a model owner who can distribute rights across functionalities and environments. The picture below shows the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. In addition, the model owner manages the user permissions and needs to have the MFA authentication level passed before making any changes.
217 +Every integration project has a model owner who can distribute rights across functionalities and environments. The picture below shows the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. In addition, the model owner manages the user permissions and needs to have the MFA authentication level passed before making any changes (which is asked of the model owner upon login).
243 243  
244 244  * When Edit permission is granted on an ILM phase, all the sub-options are configurable
245 245  * View rights mean that all options can be viewed only
... ... @@ -247,7 +247,7 @@
247 247  * Model owners are assigned to integration projects by eMagiz Administrators
248 248  * An audit trail is kept of the changes made in the project permission structure
249 249  
250 -<p align="center">[[image:fundamental-emagiz-security-guide--access-rights.png||]]</p>
225 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--access-rights.png]]
251 251  
252 252  ===== 3.6.1.4 Partner user access to Client environments =====
253 253  
... ... @@ -261,7 +261,7 @@
261 261  
262 262  Below are relevant items for the password policy in the eMagiz portal.
263 263  
264 -* There is no expiry policy on the password - eMagiz has a Forget Password functionality.
239 +* There is no expiry policy on the password - eMagiz has a Forgot Password functionality.
265 265  * Password must be 8 - 20 characters long, cannot contain white spaces, and must contain at least one digit, one upper case, and one lower case letter."
266 266  
267 267  ==== 3.6.2 Integration project versioning & audit trails ====
... ... @@ -268,9 +268,9 @@
268 268  
269 269  * In all the relevant parts of the integration project, developers can version the changes made. The type (major, minor, or patch) can be indicated and commented on to describe the change. Once the version is created, that particular version will be available for Deployment and is then kept in the history of changes on a low level. Both are illustrated in the pictures below.
270 270  
271 -<p align="center">[[image:fundamental-emagiz-security-guide--create-new-version.png||]]</p>
246 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--create-new-version.png]]
272 272  
273 -<p align="center">[[image:fundamental-emagiz-security-guide--history-pages.png||]]</p>
248 +[[image:Main.Images.Fundamental.WebHome@fundamental-emagiz-security-guide--history-pages.png]]
274 274  
275 275  * On a CDM level, the same functionality exists to indicate the version type incl. comments. All changes to the CDM model are logged in an audit trail that can help understand what changes are made by who in case of error resolution. The CDM is also protected by the permission structure of the Integration project.
276 276  
... ... @@ -284,28 +284,27 @@
284 284  
285 285  === 3.7 GDPR compliancy ===
286 286  
287 -Our privacy policy is mentioned on this page: https://www.emagiz.com/privacy-policy/. The eMagiz platform holds for registered users only the username and password. The user name is the company email address, and no other data is kept on a personal user level.
262 +Our privacy policy is mentioned on this page: https://www.emagiz.com/privacy-policy/. The eMagiz platform holds for registered users only the username and password. The username is the company email address, and no other data is kept on a personal user level.
288 288  
289 -The eMagiz portal at https://my.emagiz.com does not store any cookies. Instead, there are functional items only kept in the user's session data once active in the eMagiz portal. Specific logs are created in the eMagiz portal that displays operational issues a user has in using the portal. These logs are only viewable by eMagiz users and contain no personal data.
264 +The eMagiz portal at https://my.emagiz.com does not store any cookies. Instead, there are functional items only kept in the user's session data once active in the eMagiz portal. Specific logs are created in the eMagiz portal that displays operational issues a user has in using the portal. These logs are only viewable by eMagiz administrators and contain no personal data.
290 290  
291 291  === 3.8 Data retention ===
292 292  
293 -eMagiz stores specific integration scenario data. Within the basic configuration, eMagiz only processes the data and doesn't keep any data from these message streams. All messages are treated the same way, and the platform doesn't distinguish between regular, personal, or sensitive data. Clients are requested to make such assessments and take precautionary measures. Below we have detailed the parts of the eMagiz offering, per integration pattern, in which data is held temporarily. Afterward, we turn our focus to our data management offerings in which we store data for a longer period to support the client's needs.
268 +Within the basic configuration, eMagiz only processes the data and does not keep any data. All messages are treated the same way, and the platform doesn't distinguish between regular, personal, or sensitive data. Clients are requested to make such assessments and take precautionary measures. Below we have detailed the parts of the eMagiz offering, per integration pattern, in which data is held temporarily. Afterward, we turn our focus to our data management offerings in which we store data for a longer period to support the client's needs.
294 294  
295 295  ==== 3.8.1 Messaging ====
296 296  
297 -In the integrations where the Messaging pattern is selected, the entry connectors (runtimes that receive or pull messages) are equipped with a small temporary database to ensure the letters are preserved in this phase. In case of brief downtime of consecutive components where these messages are processed, these messages are held. This is one part of the Guaranteed Delivery mechanism in eMagiz. Messages are encrypted (AES-128) and stored until the message is processed * the database can only be thoroughly cleaned if needed by removing the data file of this database. Only users that have sufficient permissions can restart. Depending on input received and throughput achieved by polling the database, this can range between seconds and minutes that a message is kept in the database.
272 +In the integrations where the Messaging pattern is selected, the entry connectors (runtimes that receive or pull messages) are equipped with a small temporary database to ensure the messages are preserved in this phase. In case of brief downtime of consecutive components where these messages are processed, these messages are held. This is one part of the Guaranteed Delivery mechanism in eMagiz. Messages are encrypted (AES-128) and stored until the message is processed. Depending on input received and throughput achieved by the poller, a message is kept between seconds and minutes in the database.
273 +The database can only be thoroughly cleaned if needed by removing the data file of this database. Only users that have sufficient permissions can execute this action.
298 298  
299 -The eMagiz JMS component manages the queues between the different steps in the integration flow. All data within these queues are encrypted via an encryption algorithm (AES-256), and data will only be retained here until the next step in the process is ready to consume the data.
300 300  
276 +The eMagiz JMS server manages the queues between the different steps in the integration flow. All data within these queues are encrypted via an encryption algorithm (AES-256), and data will only be retained here until the next step in the process is ready to consume the data.
277 +
301 301  ==== 3.8.2 Event Streaming ====
302 302  
303 -In the case of event streaming, data is temporarily kept on the topic within the event streaming cluster. As specified above, access to a topic is secured with the help of the ACL. This is a safeguard against a loss of integrity of data. Regarding Event Streaming, data is retained for a more extended period (often days) to ensure that consumers have sufficient time to consume the data before it is deleted. This does mean that unauthorized third parties can not easily access the data on these topics. In addition, authorized users can edit the retention size and retention times on the topic level.
280 +In the case of event streaming, data is temporarily kept on the topic within the event streaming cluster. As specified above, access to a topic is secured with the help of the ACL. This is a safeguard against a loss of integrity of data. Regarding Event Streaming, data is retained for a more extended period (between 2 and 7 days, depending on configuration and license) to ensure that consumers have sufficient time to consume the data before it is deleted.
281 +For details on how your data is secured during retention, such as encryption and back-up policies, we refer you to the security policies of our provider KPN DSH: https://policy-public.kpnnet.org/ksp/explore/ksp-taxonomy/560104
304 304  
305 -* Service instances and the underlying VMs use full volume encryption using LUKS with a randomly generated ephemeral key per each instance and volume. The key is never re-used and will be trashed at the destruction of the instance, so there's a natural key rotation with roll-forward upgrades. We use the LUKS default mode aes-xts-plain64:sha256 with a 512-bit key.
306 -* Backups are encrypted with a randomly generated key per file. These keys are encrypted with RSA key-encryption key-pair and stored in the header section of each backup segment. The file encryption is performed with AES-256 in CTR mode with HMAC-SHA256 for integrity protection. The RSA key pair is randomly generated for each service. The key lengths are 256-bit for block encryption, 512-bit for integrity protection, and 3072-bits for the RSA key.
307 -* These backup files are stored in the object storage in the same region where the service virtual machines are located.
308 -
309 309  ==== 3.8.3 API Gateway ====
310 310  
311 311  At this moment, there is no data stored in eMagiz API Gateways configurations. Instead, backend flows that connect to the APIs being called use the same queuing mechanism as mentioned in the previous section around Messaging.
... ... @@ -312,11 +312,12 @@
312 312  
313 313  ==== 3.8.4 Data management ====
314 314  
315 -For more information on the conceptual ideas behind data management within the eMagiz platform, you can look at this [fundamental](fundamental-traceability-in-emagiz.md). For more concrete information on how to implement it within an eMagiz flow you could check out this [microlearning](../microlearning/advanced-data-management-data-sink.md) and this [microlearning](../microlearning/advanced-data-management-long-term-archiving.md). All the information within the data sink and the long-term archiving solution is kept within the same VPC in the Cloud and can only be accessed by authorized parties.
316 -
289 +For more information on the conceptual ideas behind data management within the eMagiz platform, you can look at this [[fundamental>>doc:Main.eMagiz Academy.Fundamentals.fundamental-traceability-in-emagiz||target="blank"]]. For more concrete information on how to implement it within an eMagiz flow you could check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-data-sink||target="blank"]] and this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-long-term-archiving||target="blank"]]. All the information within the data sink and the long-term archiving solution is kept within the same VPC in the Cloud and can only be accessed by authorized parties.
290 +
317 317  === 3.9 Compliancy ===
318 318  
319 -* eMagiz has the ISO-27001 certification at this moment.
293 +* eMagiz is currentlty ISO-27001 certified.
294 +* eMagiz is currently SOC2 Type 2 certified.
320 320  
321 321  === 3.10 Other ===
322 322  
... ... @@ -326,17 +326,31 @@
326 326  
327 327  During these tests, the pentester will try to achieve goals (penetration of the target system on various levels) by undertaking various means. Such a test can help determine whether a system is vulnerable to attack if the defenses were sufficient and which defenses (if any) the test defeated. In addition, eventual findings from those tests are dealt with conforming to the corrective action processes in our ISMS.
328 328  
329 -===== Practice =====
330 -
331 331  == 4. Key takeaways ==
332 332  
333 333  * Protecting your data is a joint responsibility between eMagiz and you
334 -* The repository is read-only for clients
307 +* The registry containing deployable flows is read-only for clients
335 335  * Data in the Cloud is kept within your VPC
336 -* Production data in the portal is behind an MFA check
309 +* The portal is behind an MFA check
310 +
311 +== 5. Suggested additional readings ==
337 337  
338 -</div>
339 -</div>
340 -</div>
341 -
342 -{{/html}}
313 +* [[Fundamental (Navigation)>>doc:Main.eMagiz Academy.Fundamentals.WebHome||target="blank"]]
314 +** [[eMagiz Cloud (Explanation)>>doc:Main.eMagiz Academy.Fundamentals.fundamental-emagiz-cloud-inner-workings||target="blank"]]
315 +** [[Traceability (Explanation)>>doc:Main.eMagiz Academy.Fundamentals.fundamental-traceability-in-emagiz||target="blank"]]
316 +* [[Crash Courses (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.WebHome||target="blank"]]
317 +** [[Crash Course Platform (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.WebHome||target="blank"]]
318 +*** [[Security - Add MFA (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-security-add-mfa.WebHome||target="blank"]]
319 +*** [[Portal Security - Basic (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-manage-portal-security-basic||target="blank"]]
320 +** [[Crash Course API Gateway (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.WebHome||target="blank"]]
321 +** [[Configure Roles and Users (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.crashcourse-api-gateway-configure-roles-and-users||target="blank"]]
322 +** [[Crash Course Event Streaming (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.WebHome||target="blank"]]
323 +** [[User Management (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.crashcourse-eventstreaming-user-management||target="blank"]]
324 +* [[Novice Level (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Novice.WebHome||target="blank"]]
325 +** [[eMagiz Cloud Management (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.eMagiz Cloud Management.WebHome||target="blank"]]
326 +*** [[Cloud Templates Explained (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.eMagiz Cloud Management.novice-emagiz-cloud-management-cloud-templates-explained||target="blank"]]
327 +* [[Advanced Level (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.WebHome||target="blank"]]
328 +** [[Data Management (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.WebHome||target="blank"]]
329 +*** [[Data Sink (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-data-sink||target="blank"]]
330 +*** [[Long Term Archiving (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-long-term-archiving||target="blank"]]
331 +)))((({{toc/}}))){{/container}}{{/container}}
fundamental-emagiz-cloud-inner-workings--customer-level-overview-double-lane.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -65.2 KB
Content
fundamental-emagiz-security-guide--access-rights.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -9.1 KB
Content
fundamental-emagiz-security-guide--api-gateway-portal-feedback.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -14.7 KB
Content
fundamental-emagiz-security-guide--create-new-version.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -23.6 KB
Content
fundamental-emagiz-security-guide--data-orchestration.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -160.8 KB
Content
fundamental-emagiz-security-guide--definition-emagiz-model.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -63.3 KB
Content
fundamental-emagiz-security-guide--history-pages.png
Author
... ... @@ -1,1 +1,0 @@
1 -XWiki.marijn
Size
... ... @@ -1,1 +1,0 @@
1 -22.5 KB
Content