Skip to Content

Changes for page eMagiz Security Guide

Last modified by Erik Bakker on 2024/08/20 08:53
From version 40.1
edited by Erik Bakker
on 2024/08/08 11:54
Change comment: There is no comment for this version
To version 32.1
edited by Erik Bakker
on 2023/01/02 10:24
Change comment: There is no comment for this version

Summary

Details

Page properties
Content
... ... @@ -1,5 +1,5 @@
1 1  {{container}}{{container layoutStyle="columns"}}(((
2 -in this fundamental, we will delve into the security perspective of the eMagiz landscape. We'll explore the cloud setup, data protection, and more to understand the role security plays in each part of the eMagiz architecture. Let's dive in!
2 +In this fundamental, we will zoom in on how the various parts of the eMagiz landscape can be viewed from a Security perspective. We will look at the Cloud, on-premises, data within eMagiz, external communication, and the portal during our journey. After this journey, you should have a solid understanding of what role security plays in each of the parts of the eMagiz architecture. Note that protecting your data is a joint responsibility between eMagiz and you. This fundamental aims to clarify the security measures eMagiz has taken in the eMagiz platform. This way, you can assess the eventual additional steps you need to take to ensure that the eMagiz service cooperates securely with the rest of your application and integration landscape.
3 3  
4 4  Should you have any questions, please get in touch with academy@emagiz.com.
5 5  
... ... @@ -206,7 +206,6 @@
206 206  
207 207  For more information on how this precisely can be configured via the eMagiz platform, please check the following [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.crashcourse-eventstreaming-user-management||target="blank"]].
208 208  
209 -
210 210  === 3.6 eMagiz iPaaS Portal ===
211 211  
212 212  The eMagiz portal provides access to users to manage their eMagiz integration configurations. It provides access to all the features to develop, deploy and manage integrations across Test, Acceptance, and Production environments.
... ... @@ -216,7 +216,7 @@
216 216  ===== 3.6.1.1 User access to https://my.emagiz.com =====
217 217  
218 218  Users can be added with their email address by the eMagiz Partner Manager or by their company contact, upon which the user gets an email to sign in. A temporary password is created and emailed, which has to be changed at the first login to the iPaaS portal. In addition, users are connected to organizations in eMagiz.
219 -In the administration section of the user, upon first login an MFA configuration needs to be executed by the user so they can access models to which they have been granted rights. Typical authenticators on a smartphone can be used, such as Google Authenticator. For more information, check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-security-add-mfa.WebHome||target="blank"]]. An MFA response is required for model owners to manage the permissions on a model level. See the following sections for more details on these functions.
218 +In the administration section of the user, upon first login an MFA configuration needs to be executed by the user so they can access models to which they have been granted rights. Typical authenticators on a smartphone can be used, such as Google Authenticator. For more information, check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-security-add-mfa||target="blank"]]. An MFA response is required for model owners to manage the permissions on a model level. See the following sections for more details on these functions.
220 220  
221 221  ===== 3.6.1.2 Users access to Integration Projects =====
222 222  
... ... @@ -224,7 +224,7 @@
224 224  
225 225  ===== 3.6.1.3 User authorizations to Integration projects. =====
226 226  
227 -Every integration project has a model owner who can distribute rights across functionalities and environments. The picture below shows the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. In addition, the model owner manages the user permissions and needs to have the MFA authentication level passed before making any changes (which is asked of the model owner upon login).
226 +Every integration project has a model owner who can distribute rights across functionalities and environments. The picture below shows the various options available across the Integration Life Cycle (ILM) Phases Capture through Manage. In addition, the model owner manages the user permissions and needs to have the MFA authentication level passed before making any changes.
228 228  
229 229  * When Edit permission is granted on an ILM phase, all the sub-options are configurable
230 230  * View rights mean that all options can be viewed only
... ... @@ -297,8 +297,8 @@
297 297  
298 298  ==== 3.8.4 Data management ====
299 299  
300 -For more information on the conceptual ideas behind data management within the eMagiz platform, you can look at this [[fundamental>>doc:Main.eMagiz Academy.Fundamentals.fundamental-traceability-in-emagiz||target="blank"]]. For more concrete information on how to implement it within an eMagiz flow you could check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-data-sink||target="blank"]] and this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-long-term-archiving||target="blank"]]. All the information within the data sink and the long-term archiving solution is kept within the same VPC in the Cloud and can only be accessed by authorized parties.
301 -
299 +For more information on the conceptual ideas behind data management within the eMagiz platform, you can look at this [fundamental](fundamental-traceability-in-emagiz.md). For more concrete information on how to implement it within an eMagiz flow you could check out this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-data-sink||target="blank"]] and this [[microlearning>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-long-term-archiving||target="blank"]]. All the information within the data sink and the long-term archiving solution is kept within the same VPC in the Cloud and can only be accessed by authorized parties.
300 +
302 302  === 3.9 Compliancy ===
303 303  
304 304  * eMagiz is currentlty ISO-27001 certified.
... ... @@ -317,25 +317,5 @@
317 317  * Protecting your data is a joint responsibility between eMagiz and you
318 318  * The repository is read-only for clients
319 319  * Data in the Cloud is kept within your VPC
320 -* The portal is behind an MFA check
321 -
322 -== 5. Suggested additional readings ==
323 -
324 -* [[Fundamental (Navigation)>>doc:Main.eMagiz Academy.Fundamentals.WebHome||target="blank"]]
325 -** [[eMagiz Cloud (Explanation)>>doc:Main.eMagiz Academy.Fundamentals.fundamental-emagiz-cloud-inner-workings||target="blank"]]
326 -** [[Traceability (Explanation)>>doc:Main.eMagiz Academy.Fundamentals.fundamental-traceability-in-emagiz||target="blank"]]
327 -* [[Crash Courses (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.WebHome||target="blank"]]
328 -** [[Crash Course Platform (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.WebHome||target="blank"]]
329 -*** [[Security - Add MFA (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Platform.crashcourse-platform-security-add-mfa.WebHome||target="blank"]]
330 -** [[Crash Course API Gateway (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.WebHome||target="blank"]]
331 -** [[Configure Roles and Users (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course API Gateway.crashcourse-api-gateway-configure-roles-and-users||target="blank"]]
332 -** [[Crash Course Event Streaming (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.WebHome||target="blank"]]
333 -** [[User Management (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Crash Course.Crash Course Event Streaming.crashcourse-eventstreaming-user-management||target="blank"]]
334 -* [[Novice Level (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Novice.WebHome||target="blank"]]
335 -** [[eMagiz Cloud Management (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.eMagiz Cloud Management.WebHome||target="blank"]]
336 -*** [[Cloud Templates Explained (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Novice.eMagiz Cloud Management.novice-emagiz-cloud-management-cloud-templates-explained||target="blank"]]
337 -* [[Advanced Level (Menu)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.WebHome||target="blank"]]
338 -** [[Data Management (Navigation)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.WebHome||target="blank"]]
339 -*** [[Data Sink (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-data-sink||target="blank"]]
340 -*** [[Long Term Archiving (Explanation)>>doc:Main.eMagiz Academy.Microlearnings.Advanced Level.Data Management.advanced-data-management-long-term-archiving||target="blank"]]
319 +* Production data in the portal is behind an MFA check
341 341  )))((({{toc/}}))){{/container}}{{/container}}