Securing your data
The Maestrano tool suite enforces secure data exchange between applications and provides full control over third-party data access.
Authentication and Authorisation
Single Sign-On Support
Maestrano acts as an identity consumer with major Single Sign-On providers such as Google, Facebook and LinkedIn.
It also acts as an Identity Provider and supports SAML 2.0 and OpenID, allowing easy and secure integration with third-party systems.
User Access Control
To register on the Maestrano platform, users must follow password policies:
- Minimum length and complexity of password
- Enforced password rotation
- Account lockout when a threshold of consecutive failed sign-in attempts is exceeded
Access to applications and data is controlled by administrators:
- Assign roles to users (see "Adding users to an organization on Maestrano")
- Control access to applications on a per-user basis
- Role-based access to data and reporting
Securing the data
Secure data exchange
All access to data retrieved from third-party systems is performed using their public APIs. Maestrano conducts an audit of these data providers to ensure they comply with security standards before undertaking any integration work. All data transiting between third-party systems and Maestrano is encrypted, with a minimum requirement of a 256-bit SSL certificate.
Maestrano exposes data via its public APIs and enforces traffic encryption with all clients using 256-bit SSL certificates. Authentication is performed using API keys or temporary tokens that are securely stored by the Maestrano Identity Manager (IdM).
Network Protection
All network traffic with the Maestrano platform is under active monitoring to detect threats, suspicious access and DDoS attacks.
Maestrano's components are accessed through a firewall configured with security rules that block unwanted traffic.
This type of firewall has a list of security rules that can block traffic based on IP protocol, IP address and/or port number. Under this kind of firewall management, all web traffic is allowed, including web-based attacks. In this situation, you need intrusion prevention in addition to firewall security in order to differentiate between good web traffic (simple web requests from people browsing your website) and bad web traffic (people attacking your website).
Data Centres
Maestrano platforms can be hosted on any public cloud conforming with security standards and provide reliable access to the data:
- Active monitoring of the platforms detects anomalies on servers and applications, allowing our technical teams to react instantly to these events
- Redundancy of components across multiple regional data centres
- Zero-downtime deployments of components to avoid interruption of services when upgrading the platform
Data integrity
All Maestrano component databases are replicated across several servers to ensure data availability.
Data stored by Maestrano is frequently backed up on secure servers and can be restored in a disaster recovery scenario.
Audit Trails
All activities performed by users on the platform are logged and can be reviewed by administrators. This covers access to the Developer Platform and Maestrano front-ends.
Data exchanged by applications is controlled by Connec!™ with the following capabilities:
- track source application of data creation or modification
- fine-grained audit trail of modifications (values changed with exact timestamp)
- restore data from a specific point of time
- reporting of data creation or modification per application