Configs.Cloud : Security

Security Implementations / Options

Contents

  • Security Implementation | Free Version
  • Security Implementation | Enterprise Version

Security Implementation | Free Version

This section details out all the privacy features provided by the Free Version of Configs.Cloud.
Configs.Cloud Security Implementation for Free Version

Client Layer Secure Client Connection (HTTPS) Connect Clients Securely using HTTPS to the management console and to the REST APIs, using industry standard CA certified certificates.
  Authentication Basic Authentication, using registered Username / password on the hosted site,
  Authorization Role Based Access Control (RBAC) , allowing users to either have view only or Admin access controls.
  Fully Audited All changes to any configurations are fully audited. So any changes can be backtracked to the user who did them.
  Versioning All configuration changes are fully versioned. So you always have access to all the previous versions of each of the configurations.
Backend Layer Encrypted Configuration Passwords All configurations marked as Passwords, will be stored in an encrypted format of users choice.
  Choice of Encryption Algorithm Pre-defined set of encryption algorithms for choice by user under their profile.

Security Implementation | Enterprise Version

This section details out all the privacy features provided by the Enterprise Version of Configs.Cloud.
Configs.Cloud Security Implementation for Free Version

Client Layer Secure Client Connection (HTTPS) / Custom CA Connect Clients Securely using HTTPS to the management console and to the REST APIs, using industry standard CA certified certificates (or) using custom CA as per Enterprise security requirements.
  Encrypted Config Transmissions Based on User request params, while querying for a configuration or a collection of configurations, calling application/ systems can request all configurations to be passed back as part of a REST response as encrypted to the clients runtime. In this case, Configs.Cloud will pass the encrypted configuration back to the calling application, which can then decrypt configurations and use this as appropriate. This advanced feature provides enhanced security against any hacks even during the transmission mechanism. Encryption algorithms for the configurations on disk can be set up in the management console.
  Authentication Basic Authentication, using Username / password is provided by default. Any other auth types viz. OAuth, SAML, Kerberos etc can be provided on request. Providers for these new auth types is expected to be provided by the purchasing business.
  Authorization Role Based Access Control (RBAC), allowing users to either have view only (or) Admin access controls (or) API only users, limiting these users to invoke APIs only.
Authorizations provided at dataset level. Configurations can be filtered based on the user and their authorization on a given dataset.
  Fully Audited All changes to any configurations are fully audited. So any changes can be backtracked to the user who did them.
  Versioning All configuration changes are fully versioned. So you always have access to all the previous versions of each of the configurations.
Backend Layer Fully Encrypted Configurations All configurations, will be stored in an encrypted format of users choice.
  Choice of Encryption Algorithm Pre-defined set of encryption algorithms for choice by user under their profile. Businesses can request for additional encryption algorithms (at their cost) and we will be happy to enforce them if feasible technically.

  Envrypted DB at REST Entire DB can be encrypted at REST (depending on features provided by cloud service provider).

Contact us today, for enquiries on using Configs.Cloud in your Enterprise.