How eBMS Ensures System and Data Security
Our clients can be assured that eBMS takes the security of the data stored extremely seriously. With a wide client base ranging from government departments, councils, not-for profits and the private sector, our customers can all rest assured their data is kept secure at all times.
Below is how we approach security: in our infrastructure, within the Nimblex application itself and how we utilise third parties.
Nimblex is hosted on Microsoft Azure, a leader in secure scalable computing infrastructure. Azure meets stringent security requirements, including physical controls at the datacentres, data privacy guarantees and robust controls.
Azure has extensively published their security practices and certifications, and hosts over 50 security certifications both conforming to International Standards as well as country specific specifications.
Notable Azure Certifications
- ISO 27001:2013 Information Security Management Standards
- ISO 27017:2015 Code of Practise for Information Security Controls
- ISO 9001:2015 Quality Management System Standards
- IRAP: Australian Governments Information Security Registered Assessor Program
- New Zealand CC Framework
- US FIPS 140-2
Due to the business sensitive data hosted on eBMS servers on behalf of clients, we understand how important it is to ensure that all data is appropriately secured. [Read more about encryption's role in cybersecurity: "Data Encryption: A Weapon for Cybersecurity"]
Data in Transit
All data is transferred between eBMS servers and user devices using up to 256-bit encryption via TLS1.2 and a class leading certificate provider. All data is transferred using HTTPS.
Data at Rest
All data stored in our Azure data centres is encrypted at rest to safeguard our clients’ data. Data is encrypted using a symmetric encryption method and keys are stored in an encryption key vault in Azure to limit access. Azure Activity Directory is used to provide only limited access to keys to specific services and users.
- A symmetric encryption key is used to encrypt data as it is written to storage. This uses AES256 security to ensure its integrity.
- That key is used to decrypt that data in memory for use.
- Keys are stored in an Encrypted Azure Managed Key Vault.
Virtual Private Network Protection
The eBMS team uses secure connections when working on Virtual Machines in the secured Azure network. Network access happens via an industry-standard VPN solution which is locked down to a strict set of eBMS operational and security staff.
All customer data and system designs are backed up on a regular basis. The following schedule is adhered to in regard to backups to ensure your data is accessible when needed.
- Instant Restore Snapshots are stored for two days.
- Daily backups are taken overnight and stored for 14 days.
- Weekly backups are taken on a Sunday and stored for four weeks.
- A monthly backup is taken on the first Sunday of the month and is stored for six months.
All data is stored utilising Azure’s Geo-redundant Storage (GRS) model to enable swift switching of data centres if the primary tenancy becomes unavailable. When stored in GRS, data is synchronously copied to three physical locations in the primary region using LRS. It then copies the data asynchronously to a single physical location in a secondary region providing a durability for data storage of 99.9999999999999999% over a year.
All systems are monitored to ensure the latest operating system security and critical patches are tested and deployed as soon as possible after being released from their vendors. Using an industry standard toolset, we can ensure that all our eBMS hosted systems are compliant and centrally monitored.
Anti-Virus and Anti-Malware
All eBMS servers and end user desktops have pro-active anti-virus and anti-malware protection installed. With a central monitoring ability, eBMS administrators can ensure that all systems are secured to the latest patches using industry leading software.
The following outlines the application level controls put in place to manage users and data within the Nimblex application.
Administrators have the ability to enforce password complexity, length, age and whether previous passwords can be used. Administrators also can force a reset of user passwords when required.
Passwords are never transmitted in plain text. eBMS only stores a salted one-way hash of the password and not the actual password itself. When logged in, users are authenticated and re-verified with each transaction via a secure token created at login. [Read more: "How Do Passwords Work?"]
Utilising an Authentication Gateway for Single Sign On
Nimblex supports SAML 2.0 compliant gateways for Single Sign On, allowing administrators to centrally manage the security complexity, and authentication requests from an organisational gateway.
Gateways such as Azure AD and GSuite have been used successfully by organisations in the past to authenticate users. No passwords are sent to Nimblex when users login via this method.
Administrators have the ability to define how the system handles incorrect attempts to login to the system. There are two methods available for managing user lockouts.
Exponential Lockout – Allows a user to attempt to login a set number of times, before being locked out for a set amount of time. They can then try again to log in once this time has expired. In this scenario, no administrator intervention is required.
Fixed Number of Failures – This restricts the user to only a certain number of login attempts before they will be locked from the system. To be unlocked they will need administrator intervention.
Nimblex utilises a role-based permissions system which can be centrally managed by the administrators from the control panel of the application. Due to the flexible nature of the system it is possible that custom groups may be created to allow for client specific business rules. These permissions will be clearly outlined in the documentation developed during your project.
Here we will focus on the standard system user group types:
- General User
- Read Only User
- Guest User.
Whilst the table below may not outline all the functions available, it provides a good overview of standard access within the system.
Further System Controls
To further allow organisations to tailor their security experience within Nimblex, we offer a range of security controls that can be implemented individually or in batches depending on business requirements.
Read Only Controls
At system design you can specify for specific fields to be Read Only always, or when certain conditions are met. This will prevent data stored in a field from being altered/modified or deleted by any user not adhering to a set of logic.
Control Visibility Rules
At system design you can specify certain data to only appear on screen for specific roles or logic requirements. For example, you may have a block of data only visible on screen to a set of administrators.
eForm Level Permissions
The following set of rules defines how we can control access to particular eForms and their specified records and data.
These are role-based permissions that apply across every record of an eForm. They will provide an overall view of the eForm to Read, Write, Delete and Administrate that particular eForm. This is a step-up based design, that is, without the lower level you cannot do the higher level (e.g. cannot write without read access).
Record Level Filtering
This allows you to specify who has access to record level data. At system design this is where access to read and write to specific records is generated and controlled. This will allow you to apply further logic than just role-based permissions.
Component Access Control Lists
Component Access Control Lists allow defining access permissions at the very lowest level. On a per-column and per-folder basis you can specify read and write access for users.
Function security allows you define role (user or group) based permissions to use specific system-wide functions within the system. Functions such as Access to a Web API, Ability to Export records, the System Scheduler, System Designer, etc. can be controlled via function security.
You can use this to restrict access to your instance to a specific list of IP addresses, which may be a useful security feature for organisations wishing to only allow access from organisational premises. This is done at an application level.
Manage Temporary Replacements
We understand people go on leave, and as such we have built a function to manage workloads of staff on a temporary basis. This allows you to assign a user access to another user’s profile temporarily (date/time limited). This prevents passwords being shared internally, as well as keeping any decisions made whilst in this role auditable.
The audit report captures various actions across the system. This report captures metadata such as user login information, switching into other roles, as well as data saved into the system.
All data is owned by the client and no claim of ownership is made by eBMS over any records or documents created within Nimblex. We also respect your privacy and will never make client records visible without permission.
eBMS places security at the highest level, as such we have management buy-in of all security practices within eBMS to ensure security is maintained and continuously improved.
eBMS performs periodic risk reviews for both internal and external systems to ensure that we are aware of the risks and have a mitigation plan in place to mitigate the risk. Security procedures, information and training is shared openly among eBMS staff with a continuous improvement mindset.
Administrative access to eBMS hosted systems is controlled. Only authorised members of the eBMS team have access to the Azure Portal and Remote Desktop Capabilities. eBMS Support staff will get application level access to implement change requests at a client’s request.
Security Reviews are performed at multiple times during the development process. This includes code reviews and architectural reviews. All code reviews have a focus on the security of data and may include things such as authentication, authorisation, and secrecy.
At an application level, security related configurations (as outlined in the Application Controls section of this document) are always reviewed by a second eBMS employee to ensure their compliance to the system design agreed between the client and eBMS, as well as their practicality from a security and performance point of view.
eBMS engages a third party to perform penetration testing on an annual basis. These firms are specialist application security firms who analyse Nimblex and its hosting for vulnerabilities. To test for these, they use industry based automated tools and extensive manual testing.
eBMS and the Nimblex platform have been designed with a security-first blueprint to ensure our customers’ data is kept safe at all times. By using a mixture of infrastructure, application best practices and industry leading partners, eBMS can ensure that all data within the Nimblex platform is secure.
The infrastructure keeps the data secured both whilst at rest and in transit, with regular geo-redundant backups to ensure we can always access the data when required.
With constant monitoring for security compliance on all eBMS servers and with industry leading anti-virus and anti-malware agents, you can rest assured that your data is always kept safe.
Whilst the application allows for extremely tailored data access to users - based on more than just their role but a myriad of other features, from access to a form, the visibility of a block of data, or the ability to call a Web API - Nimblex can be customised specifically to your organisation’s business rules and security requirements.
eBMS is committed to following best practices and ensuring that our continuous security initiatives will continue. As such, we are currently undergoing a project to ensure we become ISO27001:2013 compliant by the start of the calendar year 2021.
To explore our features, our security controls, and the platform in more detail, why not request a demo now and speak to one of our sales team who will be happy to answer any further questions you might have.