
On Demand Global Settings Current - Security Guide

Subscription Services

The Subscription Service stores customer contact information and can process credit card transactions associated with subscription purchases and renewals.

Data handled by the Notification Service

On Demand Notification Service manages customer email addresses. Every email sent by the Notification Service is scanned for viruses and malware.

All request data sent to On Demand Notification Service is persisted by default. This includes the notification recipients as well as any data placed inside the notification template. For more information about what customer data could be included in a notification, please refer to the security information for the relevant module.

Location of customer data

When customers sign up for On Demand, they select the region in which to run their On Demand organization. All computation is performed in and all data is stored in the selected region. The currently supported regions are the United States, Canada, European Union, United Kingdom, and Australia. Other regions may be added over time. For the most up-to-date information, see https://regions.quest-on-demand.com/ .

Windows Azure Storage, including the Blobs, Tables and Queues storage structures, is replicated three times by default within the same datacenter for resiliency against hardware failure. The data is replicated across different fault domains to increase availability. All replication datacenters reside within the geographic boundaries of the selected region.

See this Microsoft reference for more details: https://docs.microsoft.com/en-us/azure/storage/storage-redundancy.

All computation is performed in and all data is stored in the selected region. The only exception is that transportation and delivery of email notifications for the Canada region is done through the US, due to AWS Simple Email Service region availability. Amazon S3 and DynamoDB data is stored redundantly for resiliency against hardware failure. All replication datacenters reside within the geographic boundaries of the selected region.

See these AWS references for more details:

Authentication Services are provided to On Demand by the Quest Identity Broker (QIB). The QIB is hosted in multiple availability zones in the Azure US region, and database backups and transaction logs are replicated to another Azure region for increased availability. Data is stored in an Azure Database for PostgreSQL Flexible Server.

Subscription services are provided to On Demand through a combination of internal software and our partners CyberSource, TradeSphere, and Salesforce, all of which are in the US.

Privacy and protection of customer data

Customer data is differentiated using a unique organization identifier, which is generated securely during customer sign-up. The organization identifier is passed to the user interface in a tamper-proof (signed) JSON Web Token. The token is sent with every request and provides the organization context for all back-end services. The signed token has a ‘Time to Live’ of 5 minutes and must be refreshed and re-authorized at that time. Failure to do so results in loss of access to On Demand Core.
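How a back-end service might enforce the organization context described above, as an added example that is not Quest's code. The HS256 algorithm, the `org_id`, `iat` and `exp` claim names, and the 30-second clock-skew allowance are assumptions; the page states only that the token is a signed JWT with a 5-minute lifetime.

```python
import base64, hashlib, hmac, json, time

MAX_TTL = 300  # the page's 5-minute 'Time to Live', in seconds

def b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def sign(claims, key):
    """Issuer side: build a compact HS256 JWT (assumed algorithm)."""
    head = b64e(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64e(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64e(mac)}"

def org_context(token, key, now=None):
    """Return the organization id from a valid token, else raise ValueError."""
    now = time.time() if now is None else now
    try:
        head, body, sig = token.split(".")
        header, got = json.loads(b64d(head)), b64d(sig)
    except (ValueError, TypeError) as e:
        raise ValueError("malformed token") from e
    # Pin the algorithm: the token must never choose how it is verified.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise ValueError("unexpected algorithm")
    want = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(want, got):
        raise ValueError("bad signature")
    claims = json.loads(b64d(body))  # parsed only after the signature checks out
    if not isinstance(claims, dict):
        raise ValueError("malformed claims")
    iat, exp = claims.get("iat"), claims.get("exp")
    if not isinstance(iat, (int, float)) or not isinstance(exp, (int, float)):
        raise ValueError("missing iat/exp")
    # Reject tokens minted with a longer life than policy, or dated in the future.
    if exp - iat > MAX_TTL or iat > now + 30:
        raise ValueError("lifetime exceeds policy")
    if now >= exp:
        raise ValueError("expired; refresh required")
    org = claims.get("org_id")  # assumed claim name for the organization id
    if not isinstance(org, str) or not org:
        raise ValueError("no organization context")
    return org
```

Every data-access call would then be scoped to the returned identifier rather than to any organization value supplied elsewhere in the request.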

The most sensitive customer data collected and stored by On Demand Core is the refresh token for Azure Active Directory. This token is only accessible by service accounts. The user cannot access this token. This token is protected through encryption within the Azure Key Vault service. The process of encryption and decryption is transparent to On Demand Core.

Quest Software employees and Microsoft employees do not have access to and cannot see the keys used for encryption and decryption. The process of encryption and decryption is transparent to On Demand and takes place between the Azure Key Vault Service and Azure Storage Tables. The keys are stored in a Hardware Security Module within the Azure Key Vault which is FIPS-2 level validated by Microsoft Azure. These keys are rotated hourly. For more information, see: https://azure.microsoft.com/en-us/services/key-vault/.

Customer data passed within a notification to the Notification Service is stored but cannot be retrieved.
