Access to Identity Defense data is restricted to:
- Quest Operations team members
- Specific Quest Support team members working closely with Identity Defense product issues
- The Identity Defense development team, providing support for the product
Access to Identity Defense data is restricted through dedicated Quest Entra ID security groups. Different access levels and lists of allowed people are assigned for different types of data (e.g., product logs, customer data, and sensitive data).
Quest Operations team members have access to Quest’s production Azure Subscription and monitor it as part of normal day-to-day operations. Identity Defense developers have no access to Quest’s production Azure Subscription.
To access Identity Defense, a customer representative goes to the Security Management Platform website and signs in using their Microsoft Entra ID account. As part of the sign-up process, they must provide a valid email address to receive and respond to a verification email from Quest Software.
An organization is automatically created once the new account is created.
Prerequisites:
A Microsoft Entra ID Global Administrator must grant admin consent to provision Security Management Platform for the customer's Microsoft Entra ID with the following permissions:
Microsoft Graph
- Read all audit log data
- Read all identity risk event information
Azure Active Directory Graph
- Read directory data
Office 365 Management APIs
- Read activity data for your organization
- Read service health information for your organization
For details, see the Microsoft Graph permissions reference on Microsoft Docs.
Identity Defense internal logging is available to Quest Operations and Identity Defense development teams during the normal operation of the platform. Some customer data or Personally Identifiable Information (PII) can become part of internal logging for troubleshooting purposes.
Quest Operations and Quest Support have procedures in place to monitor the health of the system and ensure any degradation of the service is promptly identified and resolved. Identity Defense relies on Azure infrastructure and, as such, is subject to the possible disruption of these services.