Introduction
Managing information system security is a priority for every organization. In fact, the level of security provided by software vendors has become a differentiating factor for IT purchase decisions. Quest strives to meet standards designed to provide its customers with their desired level of security as it relates to privacy, confidentiality, integrity and availability.
This document describes the security features of Nova Reporting. This includes access control, protection of customer data, secure network communication, and cryptographic standards.
About Nova Reporting
Nova Reporting provides more than 100 customizable Office 365 reports and dashboards, which can help you to make fast decisions and manage your licenses, user adoption, mail flow, security settings, permissions, storage optimization and much more.
Key features:
·Drill-down based on Microsoft Entra attributes
·Correlate data from Teams, SharePoint Online, Exchange Online, Yammer and the native audit log
·Visualize data with charts, heat maps and more
·Export, schedule and share insights across your entire organization in a secure and controlled manner
·Share free/busy information between tenants.
Nova Reporting is hosted in Amazon Web Services and delivers most of its functions via Amazon Web Services cloud services.
Architecture overview
The following diagram shows the key components of the Nova Reporting configuration.
AWS and Azure datacenter security
Microsoft Azure datacenters have the highest possible physical security and are considered among the most secure and well protected datacenters in the world. They are subject to regular audits and certifications including Service Organization Controls (SOC) 1, SOC 2 and ISO/IEC 27001:2005.
Relevant references with additional information about the Windows Azure datacenter security can be found here:
·Microsoft Azure Trust Center: https://azure.microsoft.com/en-us/overview/trusted-cloud/
·Microsoft Trust Center Compliance: https://www.microsoft.com/en-us/trust-center/compliance/compliance-overview?service=Azure#Icons
·Microsofts submission to the Cloud Security Alliance STAR registry: https://cloudsecurityalliance.org/star/registry/microsoft
·Whitepaper: Standard Response to Request for Information Security and Privacy: http://www.microsoft.com/en-us/download/details.aspx?id=26647
·Microsoft Global Datacenters: Security & Compliance: https://www.microsoft.com/en-us/cloud-platform/global-datacenters
·Azure data security and encryption best practices: https://docs.microsoft.com/en-us/azure/security/fundamentals/data-encryption-best-practices
Amazon Web Services (AWS) datacenters have the highest possible physical security and are considered among the most secure and well protected datacenters in the world. They are subject to regular audits and certifications including SOC 1, SOC 2 and ISO/IEC 27001:2005.
Relevant references with additional information about the AWS datacenter security are listed below.
·AWS Security Center: https://aws.amazon.com/security/
·AWS Compliance: https://aws.amazon.com/compliance/
·AWS Global Infrastructure: https://aws.amazon.com/about-aws/global-infrastructure/