Cloud-Based CCM Security: Data and Application Levels
In a previous post, Security Overview: Cloud-Based Customer Communications Management, we gave you a quick summary of each of the security layers: physical, network, operating system (OS), database and application. Let’s take a closer look at cloud-based CCM security at the application level, which includes handling of customer data.
With so many variations among modern security schemes, how can a software vendor support everything that is out there? The good news is that it can be done. There are open-source solutions that have done an exceptional job not only of establishing a security methodology that can be applied more or less universally, but also of simplifying how vulnerabilities are identified and responded to.
Using community-developed open-source software yields more agility, speed and resilience than any single organization could achieve on its own: when a vulnerability is disclosed, the community converges on a fix quickly, and the fix reaches every deployment that applies it. That is why we chose an open-source security solution for INTOUCH®, our new 100% cloud-based CCM solution.
As with every other aspect of the design and development of this new services-oriented software, we have made decisions that allow integrated, flexible and scalable deployment within a larger digital experience architecture that likely already has multiple security measures and approaches in place. When you adopt INTOUCH, you can keep using the security systems you already have and are comfortable with.
INTOUCH Identity and Access Management
INTOUCH employs a multi-realm authentication and authorization scheme. Each customer is assigned one or more realms, and all operations and data are isolated by realm and by user. Topdown authentication lets customers use their own identity stores, such as LDAP or Active Directory, or default to the Topdown-provided store. Because of these flexible deployment capabilities, security administrators can control authentication and access to INTOUCH with the tools they already use.
We give customers full control over their realms, so they can set password policies and assign users to roles. Topdown identity management supports Single Sign-On (SSO), Federated Identity Management (e.g., signing in with social media credentials) and Identity Brokering, and it speaks the standard protocols: OpenID Connect, OAuth 2.0 and SAML 2.0.
INTOUCH Application Security and Authorization
At the application level, INTOUCH employs a hybrid approach that combines access control lists (ACLs) with role-based access control (RBAC) for its functions and objects. Customers have direct control over the roles assigned to their users and may assign users to groups, each group authorized with its own set of privileges (e.g., Contributor, Editor, etc.).
Users may be given the authority to author content, templates and layouts according to organizational or asset library (i.e., repository) structure. For example, a customer could organize the application into folders and subfolders for each organizational unit and then, within each folder, set permissions on which asset types a user can create, edit or delete. Users may also be restricted solely to creating communications, again based on organizational or asset library structure.
The INTOUCH security implementation supports using LDAP as a backend connection into the INTOUCH application so that your security administrators may directly control roles, groups and authorizations via the tools and systems that are familiar to them.
For the more granular INTOUCH-specific access controls, business administrators can use the INTOUCH app to further restrict or grant access to objects within the INTOUCH libraries.
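To make the hybrid model concrete, here is an added example of a realm-scoped, default-deny authorizer in Go. It is my own illustration, not INTOUCH's implementation: role grants attach to a folder and an asset type and apply to the whole subtree beneath that folder, while per-object ACL entries of the kind a business administrator would set override the role decision. The realm names, users, folder paths and asset types are constructed for the example.

```go
package main

import (
	"fmt"
	"strings"
)

// Action is an operation on an asset in a library folder.
type Action string

const (
	Create Action = "create"
	Edit   Action = "edit"
	Delete Action = "delete"
)

// Grant gives a role one action on one asset type ("*" = any type) within a
// folder; the grant applies to that folder and everything below it.
type Grant struct {
	Role      string
	Folder    string // e.g. "/marketing" (assumed path convention)
	AssetType string // "template", "layout", "communication" or "*"
	Action    Action
}

// ACLEntry is a per-object override for one user: explicit allow or deny.
type ACLEntry struct {
	User  string
	Allow bool
}

// Realm is one tenant's complete authorization state. Every lookup starts
// from the realm, so nothing in it is reachable from another realm.
type Realm struct {
	Roles  map[string][]string              // user -> roles
	Grants []Grant                          // role-based grants
	ACLs   map[string]map[Action][]ACLEntry // object -> action -> overrides
}

// Request is one access decision to make.
type Request struct {
	Realm, User, Object, AssetType string
	Action                         Action
}

func underFolder(obj, folder string) bool {
	return folder == "/" || obj == folder || strings.HasPrefix(obj, folder+"/")
}

func hasRole(roles []string, want string) bool {
	for _, r := range roles {
		if r == want {
			return true
		}
	}
	return false
}

// Authorize is default-deny. Evaluation order: the user must exist in the
// requested realm; an explicit ACL deny on the object wins; an explicit ACL
// allow wins next; otherwise a matching role grant on an enclosing folder
// allows; anything else is denied.
func Authorize(realms map[string]*Realm, req Request) bool {
	realm, ok := realms[req.Realm]
	if !ok {
		return false
	}
	roles, ok := realm.Roles[req.User]
	if !ok {
		return false // user is not a member of this realm
	}
	entries := realm.ACLs[req.Object][req.Action]
	for _, e := range entries {
		if e.User == req.User && !e.Allow {
			return false
		}
	}
	for _, e := range entries {
		if e.User == req.User && e.Allow {
			return true
		}
	}
	for _, g := range realm.Grants {
		if hasRole(roles, g.Role) && g.Action == req.Action &&
			(g.AssetType == "*" || g.AssetType == req.AssetType) &&
			underFolder(req.Object, g.Folder) {
			return true
		}
	}
	return false
}

// DemoRealms builds two constructed tenants (not real customer data).
func DemoRealms() map[string]*Realm {
	acme := &Realm{
		Roles: map[string][]string{"alice": {"editor"}, "bob": {"contributor"}},
		Grants: []Grant{
			{"editor", "/marketing", "*", Create},
			{"editor", "/marketing", "*", Edit},
			{"editor", "/marketing", "*", Delete},
			// Contributors may only create communications, and only under campaigns.
			{"contributor", "/marketing/campaigns", "communication", Create},
		},
		ACLs: map[string]map[Action][]ACLEntry{
			// A business admin locked the master template against deletion.
			"/marketing/templates/master": {Delete: {{User: "alice", Allow: false}}},
		},
	}
	globex := &Realm{
		Roles:  map[string][]string{"carol": {"editor"}},
		Grants: []Grant{{"editor", "/", "*", Edit}},
	}
	return map[string]*Realm{"acme": acme, "globex": globex}
}

func main() {
	rs := DemoRealms()
	for _, req := range []Request{
		{"acme", "alice", "/marketing/templates/welcome", "template", Edit},
		{"acme", "alice", "/marketing/templates/master", "template", Delete},
		{"acme", "bob", "/marketing/campaigns/q3/promo", "communication", Create},
		{"acme", "bob", "/marketing/templates/promo", "template", Create},
		{"acme", "carol", "/marketing/templates/welcome", "template", Edit},
	} {
		fmt.Printf("%s/%s %s %s -> %v\n", req.Realm, req.User, req.Action, req.Object, Authorize(rs, req))
	}
}
```

The realm lookup comes first and the user must be a member of that realm, so carol's editor role in globex gives her nothing in acme even though the object paths look the same in both tenants. Deny-before-allow on the ACL means a single explicit deny cannot be undone by a broad role grant, which is the behaviour a practitioner wants from an override layer.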
Managing Upgrades to INTOUCH
Security does not lapse at upgrade time, either. Topdown follows standard SDLC processes. We anticipate, at minimum, one major release per year, plus quarterly maintenance releases and, on an emergency basis, rapid releases containing critical fixes only.
We give our customers multiple advance notices of when releases will be made available, along with documentation detailing new features and fixes. After each announcement, customers have 90 days to try out the latest release in a test environment before it is moved into their production instance.
INTOUCH architecture and deployment align with the following standards, attestation frameworks and control catalogs:
- Service Organization Controls 1 (SOC 1)
- Service Organization Controls 2 (SOC 2)
- Statement on Standards for Attestation Engagements No. 16 (SSAE 16)
- International Standard on Assurance Engagements No. 3402 (ISAE 3402)
- HIPAA/HITECH Act and the Omnibus Rule
- NIST SP 800-53
- NIST SP 800-171
- ISO/IEC 27001
Alignment with these standards also helps our customers meet other U.S., Canadian and European requirements, such as FINRA rules, the Gramm-Leach-Bliley Act (GLBA), the Family Educational Rights and Privacy Act (FERPA), guidance from the European Union Agency for Network and Information Security (ENISA) and Canada's Personal Information Protection and Electronic Documents Act (PIPEDA), among others.
All data are isolated and secured in storage and in transit within the Topdown cloud. When sensitive customer data are collected, they are supplied in encrypted form using keys specific to that customer, and the encrypted data packet is tagged with the realm from which it was obtained so that it stays within that realm.
Topdown uses representative data whenever actual data are not directly required, for example when sizing the display or layout of pages and communications. In-the-clear sensitive data are limited to the cases where they are required for calculations or for final presentation. Where data must be used in clear form, Topdown follows secure programming practices to keep the sensitive data isolated within a single process and re-encrypt them immediately when the task completes. Customers may also choose to have the processes that require in-the-clear data run in private containers that process data only for that customer.
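As an added illustration of per-customer keys combined with a realm tag, the Go block below is my own example and not a description of Topdown's actual key management or packet format. It keeps one AES-256-GCM key per realm and binds the realm name to the ciphertext as AEAD associated data. A caller in the wrong realm is refused before any cryptography runs, and a packet whose tag has been rewritten fails authentication because it was sealed under a different key and different associated data. The realm names and sample record are constructed; the in-memory key store stands in for whatever KMS or HSM a real deployment would use.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"io"
)

var (
	ErrRealmMismatch = errors.New("packet is tagged for a different realm")
	ErrAuthFailed    = errors.New("ciphertext failed authentication under this realm's key")
)

// Packet is the stored form. The realm tag travels in the clear so the
// service can route the packet, but it is bound to the ciphertext as AEAD
// associated data, so a re-tagged packet will not decrypt.
type Packet struct {
	Realm      string
	Nonce      []byte
	Ciphertext []byte // AES-GCM output, authentication tag included
}

// KeyStore holds one data-encryption key per customer realm. Keys are random
// and in-memory purely for this example (assumption: a real deployment would
// hold them in a KMS/HSM).
type KeyStore struct {
	keys map[string][]byte
}

// NewKeyStore generates a fresh AES-256 key for each named realm.
func NewKeyStore(realms ...string) (*KeyStore, error) {
	ks := &KeyStore{keys: make(map[string][]byte)}
	for _, r := range realms {
		k := make([]byte, 32)
		if _, err := io.ReadFull(rand.Reader, k); err != nil {
			return nil, err
		}
		ks.keys[r] = k
	}
	return ks, nil
}

func (ks *KeyStore) aead(realm string) (cipher.AEAD, error) {
	k, ok := ks.keys[realm]
	if !ok {
		return nil, fmt.Errorf("no key for realm %q", realm)
	}
	block, err := aes.NewCipher(k)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts plaintext under the realm's own key, with the realm name as
// associated data, and tags the packet with that realm.
func (ks *KeyStore) Seal(realm string, plaintext []byte) (*Packet, error) {
	g, err := ks.aead(realm)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	ct := g.Seal(nil, nonce, plaintext, []byte(realm))
	return &Packet{Realm: realm, Nonce: nonce, Ciphertext: ct}, nil
}

// Open releases plaintext only to a caller in the packet's realm, and only if
// the ciphertext and realm tag authenticate under that realm's key.
func (ks *KeyStore) Open(callerRealm string, p *Packet) ([]byte, error) {
	if p.Realm != callerRealm {
		return nil, ErrRealmMismatch
	}
	g, err := ks.aead(callerRealm)
	if err != nil {
		return nil, err
	}
	pt, err := g.Open(nil, p.Nonce, p.Ciphertext, []byte(p.Realm))
	if err != nil {
		return nil, ErrAuthFailed
	}
	return pt, nil
}

func main() {
	ks, err := NewKeyStore("acme", "globex")
	if err != nil {
		panic(err)
	}
	// Constructed sample record; not real customer data.
	p, _ := ks.Seal("acme", []byte(`{"account":"12345","name":"Jane Doe"}`))
	if _, err := ks.Open("globex", p); err != nil {
		fmt.Println("globex caller:", err)
	}
	p.Realm = "globex" // someone re-tags the packet to move it between tenants
	if _, err := ks.Open("globex", p); err != nil {
		fmt.Println("re-tagged packet:", err)
	}
	p.Realm = "acme"
	pt, err := ks.Open("acme", p)
	fmt.Println("acme caller:", string(pt), err)
}
```

The realm check in Open is deliberately redundant with the associated data: the explicit comparison gives a clear, cheap refusal and a distinct error for monitoring, while the AEAD binding is what stops a re-tagged or spliced packet even if that check were ever bypassed. A nonce is generated per packet; reusing a nonce under the same GCM key would break both confidentiality and integrity, so a production key store must also rotate keys well before the per-key message budget is reached.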
Physical, network, OS and database security are completely or mostly covered by our partnerships with world-class cloud providers, which supply more layers of effective, redundant security than we or our customers could provide ourselves; whatever the provider leaves to the tenant under its shared-responsibility model remains ours to configure and monitor. At the application level, where we have complete control and responsibility, we have made decisions that give our customers maximum deployment flexibility while holding application security and customer data integrity at the highest levels of protection.
Subscribe to our blog to get new posts every week about everything that’s important to those involved in delivering exceptional customer experiences and managing customer communications.