Separation of customer data
A common concern related to cloud-based services is the prevention of commingling of data that belongs to different customers. On Demand Recovery has architected its solution to specifically prevent such data commingling by logically separating customer data stores.
Customer data are differentiated using a Customer Organization Identifier. The Customer Organization Identifier is a unique identifier obtained from the Quest On Demand Core that is created when the customer signs up with the application.
This identifier is used throughout the solution to ensure strict data separation of customers' backups in the Azure Blob storage.
Furthermore, each customer has its own instance of Elasticsearch that is used for unpack, object search, and restore operations. The Elasticsearch index is stored on a separate Azure Disk with encryption enabled in the Quest Azure subscription.
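The following added example (not Quest's code and not part of the original documentation) shows one way a per-customer identifier such as the Customer Organization Identifier can enforce logical separation in blob storage. The GUID format, the `<org-id>/` blob-name prefix layout, and all function names are assumptions made for illustration.

```python
import posixpath
import uuid


class TenantIsolationError(Exception):
    """Raised when a request would cross an organization boundary."""


def org_prefix(org_id):
    """Return the blob-name prefix for one organization (assumed layout: '<org-guid>/')."""
    # Accept only a canonical hyphenated GUID, so the identifier itself
    # can never carry path separators or wildcard characters.
    try:
        canonical = str(uuid.UUID(org_id))
    except (ValueError, TypeError, AttributeError):
        raise TenantIsolationError("organization id is not a GUID")
    if canonical != org_id.lower():
        raise TenantIsolationError("organization id is not in canonical form")
    return canonical + "/"


def scoped_blob_name(session_org_id, requested):
    """Map a caller-supplied relative name to a blob name inside the caller's prefix.

    session_org_id must come from the authenticated session, never from
    request parameters, so a caller cannot select another organization.
    """
    prefix = org_prefix(session_org_id)
    if "\\" in requested or "\x00" in requested or requested.startswith("/"):
        raise TenantIsolationError("illegal characters in blob name")
    # Collapse '.' and '..' segments, then refuse anything that climbs out.
    normalized = posixpath.normpath(requested)
    if normalized in (".", "..") or normalized.startswith("../"):
        raise TenantIsolationError("blob name escapes the organization prefix")
    return prefix + normalized


def filter_listing(session_org_id, blob_names):
    """Second line of defence: drop listing results outside the caller's prefix."""
    prefix = org_prefix(session_org_id)
    return [name for name in blob_names if name.startswith(prefix)]
```
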
All communications to and from the On Demand Recovery web application go over HTTPS, and the SSL certificates are issued by trusted certificate authorities. The On Demand Recovery web application itself enforces that all communications occur over HTTPS connections: if a user tries to access it over regular HTTP, the application redirects the request to the HTTPS version of the endpoint. On Demand Recovery communicates with the Azure Active Directory Graph API over HTTPS, and TLS 1.2 is enforced for this communication.
Authentication of users
The customer logs in to the application by providing On Demand user account credentials.
The process of registering an Azure AD tenant into On Demand Recovery is handled through the well-established Azure Admin Consent workflow. For more information about Azure Active Directory Admin Consent workflow, refer to the Quest On Demand Core product documentation:
Role based access control
Quest On Demand provides permission-based roles to determine what permission level a user has and what tasks the user can perform.
For more details, see the "Adding users to an organization" section in the On Demand Global Settings User Guide.
List of permissions that can be assigned to Recovery module users
- Can manage backup settings
- Can download hybrid credentials
- Can run backup manually
- Can unpack backups
- Can run difference report
- Can restore from objects
- Can restore from differences
- Can read backup history
- Can read unpacked objects
- Can read differences
- Can read task history
- Can read events
- Can read restore attributes
- Can read UI projects
- Can read UI collections
- Can manage events
NOTE: On Demand administrators have full access to global settings and all module permissions.