지금 지원 담당자와 채팅

라이브 도움말 보기
등록 완료

로그인

가격 산정 요청

영업 담당자에게 문의

On Demand Global Settings Current - Security Guide

콘텐츠 탐색

About On Demand Shared Services

About On Demand Core

Architecture Overview Authentication and Consents

User Authentication Quest On Demand Application Consent Admin Consent and Service Principals

About the On-Premises Agent Role Based Access Control Auditing Notification Service Data Egress Service Azure Datacenter Security AWS Data Center Security Overview of Data Handled by On Demand Core

Data Handled by Core Data Handled by the Notification Service Data Handled by Common Storage Services

Location of Customer Data Privacy and Protection of Customer Data Separation of Customer Data Network Communications FIPS 140-2 Compliance SDLC and SDL Third party Assessments and Certifications

Penetration testing Certification

Operational Security

Access to Data Permissions Required to Configure and Operate On Demand Operational Monitoring Production Incident Response Management Security Incident Response Management

Customer Measures

Third party Assessments and Certifications

Penetration testing

On Demand has undergone a third party security assessment and penetration testing yearly since 2017. The assessment includes but is not limited to:

•

Manual penetration testing

•

Static code analysis with Third Party tools to identify security flaws

A summary of the results is available upon request.

Penetration testing

Third party Assessments and Certifications

On Demand has undergone a third party security assessment and penetration testing yearly since 2017. The assessment includes but is not limited to:

•

Manual penetration testing

•

Static code analysis with Third Party tools to identify security flaws

A summary of the results is available upon request.

Certification

On Demand is included in the scope of the Platform Management ISO/IEC 27001, 27017 and 27018 certification:

ISO/IEC 27001 Information technology — Security techniques — Information security management systems — Requirements: Certificate Number: 1156977-3 , valid until 2025-07-28.

ISO/IEC 27017 Information technology – Security techniques – Code of practice for information security controls based on ISO/IEC 27002 for cloud services: Certificate Number: 1156977-3, valid until 2025-07-28.

ISO/IEC 27018 Information technology — Security techniques — Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors: Certificate Number: 1156977-3, valid until 2025-07-28.

Quest Software, Inc. has successfully completed a SOC 2 examination of its On Demand solution. The examination was performed by an independent CPA firm for the scope of service described below:

Examination Scope: Quest On Demand Platform

Selected SOC 2 Categories: Security

Examination Type: Type 2

Review Period: August 1, 2022, to July 31, 2023

Service Auditor: Schellman & Company, LLC

Operational Security

Access to On Demand Core data is restricted to Quest Operations team members. On Demand developers have no access to customer production data.

관련 문서

The document was helpful.

평가 결과 선택

I easily found the information I needed.

평가 결과 선택

© ALL RIGHTS RESERVED. 이용 약관 개인정보 보호정책 Cookie Preference Center