User Tools

Site Tools


replicator_agent_security_faq

Security FAQ


1.1 Is data at rest in the Perspectium Cloud database encrypted?

Yes, the data at rest inside the Perpectium Cloud database can be secured by encryption for an additional cost. Perspectium uses Amazon Web Services which allows the encryption of data using the industry standard AES-256 encryption algorithm. Please refer to the following link for further details on Encrypting Amazon RDS Resources.

1.2 Is my connection to the database in the Perspectium Cloud secure?

The connection to our database is highly secure. We can also set it up as a secure SSL connection for an additional cost. Please refer to the following link for further details on Using SSL to Encrypt a Connection to a DB Instance.

1.3 Which encryption algorithm does Perspectium use for data encrypted at ServiceNow?

The cipher Perspectium uses is Triple DES by default and Advanced Encryption Standard 128 (AES-128) as an option in v3.3.0. See Encryption.

1.4 Does Perspectium support 128 bit AES encryption?

Yes, we support 128 bit AES encryption since v3.3.0

1.5 When we change our encryption key in ServiceNow, how does that get updated in the conf XML file?

This is done manually using a text editor.

1.6 Is the authentication data (username/password) encrypted between the agent and the cloud? Or is it sent in clear text?

User credentials are encrypted as HTTP headers in an HTTPS POST.

1.7 Describe the encryption or data at rest and in transit.

The data is encrypted within the ServiceNow Instance using Triple DES (AES-128 option available in v3.3.0) before being transmitted to the Perspectium cloud using HTTPS. The payload remains encrypted while at rest within the Perspectium Message Bus until it’s consumed by either a ServiceNow Instance or a Perspectium Replicator Agent. The former will decrypt the data just prior to being inserted into a ServiceNow table and in the latter the Replicator Agent decrypts the data just before it’s sent to the database server.

1.8 Does the Perspectium QA team assess security aspects of the offering during code reviews?

Perspectium performs a weekly infrastructure review which includes security. We also perform a daily code review as part of our sprints which includes security as needed.

1.9 What are the security features that Perspectium offers?

All Perspectium data is transmitted using HTTPS and AMQPS as secure protocols. An option of having the data encrypted while in Perspectium's Cloud based Database is available. The on-premise Replicator Agent supports a proxy using HTTP/HTTPS to talk to external servers such as those within the Perspectium Cloud environment. VPN's can be set up at an additional cost.

2.0 Can the Perspectium Agent connect to ServiceNow through a proxy server?

Yes, you can use a proxy server to connect the Perspectium Agent to ServiceNow v3.2.2. For further details on proxy configuration, please visit here.

replicator_agent_security_faq.txt · Last modified: 2018/08/09 14:27 by timothy.pike