Security & Architecture

Presentation transcript:

Security & Architecture
NetSuite's Security & Architecture
Kevin Brown
© Copyright NetSuite Inc., All Rights Reserved.

Security and Architecture
- Introduction
- Security
  - Confidentiality
  - Integrity
  - Availability
  - SLC (Service Level Commitment)
- Architecture
- Compliance
- FAQ's

Security

Security: Confidentiality
- Internet Firewalls
  - Block unauthorized attempts to access our data center.
  - Port scans are run regularly to identify any vulnerabilities within our network.
- 128-bit Secure Socket Layer (SSL) data encryption
  - All data passed back and forth is encrypted.
- Application-only Access
  - The system is divided into layers that separate the data from the application.
  - Login gives access to the application layer only, which prevents malicious altering of data.
- Role Level Access, Idle Disconnect and Account Lockout
  - Each user has roles with access restrictions related to their job.
  - Idle connections are detected and the IE window is locked.
- Two-Factor Authentication (Strong Authentication)
  - Scheduled for phased release (9/07 – 11/07)
  - A one-time key is entered to log into NetSuite.
- IP Address Restriction
  - Avail
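The slide names three account-level controls (account lockout, idle disconnect and IP address restriction) without saying how they fit together. The following is an added illustration of that logic, not NetSuite's code: the thresholds (five failed attempts, a 15-minute lockout, a 15-minute idle limit) are assumed values, `credential_ok` stands in for a real password check, and the audit list is a minimal stand-in for the login audit trail mentioned in the FAQ.

```python
"""Account lockout, idle disconnect and IP address restriction, modelled on the
controls named on the Confidentiality slide. Added illustration, not NetSuite's
code: the thresholds below are assumed values, and `credential_ok` stands in for
a real password check."""
import ipaddress
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

MAX_FAILED_ATTEMPTS = 5                     # assumed threshold
LOCKOUT_DURATION = timedelta(minutes=15)    # assumed
IDLE_LIMIT = timedelta(minutes=15)          # assumed


@dataclass
class Account:
    username: str
    # Empty list means no IP restriction; otherwise logins must originate from one of these networks.
    allowed_networks: List[ipaddress.IPv4Network] = field(default_factory=list)
    failed_attempts: int = 0
    locked_until: Optional[datetime] = None
    sessions: Dict[str, datetime] = field(default_factory=dict)  # session id -> last activity


class AuthService:
    def __init__(self) -> None:
        self.accounts: Dict[str, Account] = {}
        self.audit: List[Tuple[datetime, str, str]] = []  # login audit trail: (time, user, event)

    def register(self, account: Account) -> None:
        self.accounts[account.username] = account

    def _log(self, now: datetime, username: str, event: str) -> None:
        self.audit.append((now, username, event))

    def login(self, username: str, credential_ok: bool, client_ip: str, now: datetime) -> Optional[str]:
        """Return a session id, or None when the attempt is refused."""
        acct = self.accounts.get(username)
        if acct is None:
            self._log(now, username, "unknown-user")
            return None
        if acct.locked_until is not None and now < acct.locked_until:
            self._log(now, username, "refused-locked")
            return None
        ip = ipaddress.ip_address(client_ip)
        if acct.allowed_networks and not any(ip in net for net in acct.allowed_networks):
            self._log(now, username, "refused-ip")
            return None
        if not credential_ok:
            acct.failed_attempts += 1
            if acct.failed_attempts >= MAX_FAILED_ATTEMPTS:
                acct.locked_until = now + LOCKOUT_DURATION
                acct.failed_attempts = 0
                self._log(now, username, "lockout")
            else:
                self._log(now, username, "bad-credential")
            return None
        acct.failed_attempts = 0
        acct.locked_until = None
        session_id = f"{username}-{len(self.audit)}"  # unique enough for this demo
        acct.sessions[session_id] = now
        self._log(now, username, "login")
        return session_id

    def activity(self, username: str, session_id: str, now: datetime) -> bool:
        """Refresh the session on activity; disconnect it if it sat idle past IDLE_LIMIT."""
        acct = self.accounts[username]
        last_seen = acct.sessions.get(session_id)
        if last_seen is None:
            return False
        if now - last_seen > IDLE_LIMIT:
            del acct.sessions[session_id]
            self._log(now, username, "idle-disconnect")
            return False
        acct.sessions[session_id] = now
        return True
```

The IP check runs before the credential check so that attempts from outside the allowed networks are refused without consuming lockout budget, and every refusal is written to the audit list with a distinct reason, which is what a detection engineer later needs to tell a forgotten password from something else.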

Security: Integrity
- Data Integrity
  - We will not view or access records without the customer's permission.
  - We do not store passwords (we store a SHA-256 hash of the password, so we have no access to your password).
  - Passwords can now be managed in the application.
- Two-phase commit and our structure ensure integrity
  - We use Oracle DB capabilities (two-phase commit) to ensure transactional integrity.
  - A completed transaction is written to two individual RAID arrays (double redundancy).
  - Redundant Array of Inexpensive Drives provides increased data reliability.
- What does all of this mean? When a transaction is submitted, if the page returns, the data is there.

Security: Availability
- Back-Up
  - Nightly tape back-ups
  - Remote archives of tape
  - Hot back-ups
- Disaster Recovery
  - Currently we leverage Level(3)'s disaster recovery program and facilities.
  - Data restored from tape
- Redundancy
  - Power
  - Hardware
  - Internet (We've got a back up!)
- Talk to upgraded DR avail

SLC
- Service Level Commitment (SLC) / Uptime
  - 99.5% target uptime for each month
  - First company to guarantee uptime. Wait... we are the only company to guarantee uptime (at least in our market).
- Scheduled Maintenance Windows
  - 5 hour period every Friday and Saturday starting at 10 p.m. Pacific Time
  - Where possible, targeted to local time
- URL for NetSuite monitoring: http://status.netsuite.com/status.html

Architecture

Architecture
- Three-tier architecture
  - the data delivery layer
  - the application layer
  - the database layer
- Fault-tolerant session fail over
  - If one server fails, your connection is seamlessly handed over to another server.
- Redundancy
  - Power
  - Hardware
  - Internet (we've got a back up)
- This level of architecture means security!

Architecture Continued

Performance / Storage
- Performance
  - Load-Balancing: ability to shift connections among servers to spread the load evenly
  - Internet connection to the two major Internet backbone providers ensures that there are no data transmission bottlenecks to our data center
- High Performance/Usage companies
  - Minimum GAAP and a fee for the server
  - Numbers below are guidelines... check Sales Tools for details

    Tier        GAAP       Server Fee
    Tier Three  $40,000    $40,000 annually
    Tier Two    $150,000   $75,000 annually
    Tier One    $225,000   $100,000 annually

  - Current Customers: 10,000 transactions a day
  - They do not own the hardware
  - Does not ensure better application performance
  - Still share application server (DB may respond better)
  - Does provide more control
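The Architecture slide promises that a failed server hands the connection to another one, and the Performance slide describes load balancing as shifting connections among servers to spread the load evenly. The following added example shows how a balancer can deliver both at once; it is an illustration written for this page, not NetSuite's infrastructure, and the server names, the least-connections policy and the health flags are all constructed.

```python
"""Sticky-session load balancing with fail-over, modelled on the Architecture
and Performance slides. Added illustration, not NetSuite's infrastructure:
server names, health states and the least-connections policy are constructed."""
from typing import Dict, List, Optional


class ServerPool:
    def __init__(self, servers: List[str]) -> None:
        self.servers = list(servers)
        self.healthy: Dict[str, bool] = {s: True for s in self.servers}
        self.load: Dict[str, int] = {s: 0 for s in self.servers}   # live sessions per server
        self.affinity: Dict[str, str] = {}                         # session id -> pinned server

    def mark_down(self, server: str) -> None:
        """Health check failed: stop routing new or existing sessions to this server."""
        self.healthy[server] = False

    def mark_up(self, server: str) -> None:
        self.healthy[server] = True

    def _pick(self) -> str:
        # Least-connections among healthy servers, ties broken by pool order, so that
        # the load is spread evenly rather than piling onto the first server.
        candidates = [s for s in self.servers if self.healthy[s]]
        if not candidates:
            raise RuntimeError("no healthy servers available")
        return min(candidates, key=lambda s: (self.load[s], self.servers.index(s)))

    def route(self, session_id: str) -> str:
        """Return the server that should handle this request.

        A session stays pinned to one server (so its state is found there) until that
        server is marked down, at which point it is handed over to another server."""
        server: Optional[str] = self.affinity.get(session_id)
        if server is not None and self.healthy[server]:
            return server
        if server is not None:
            # Fail-over: the pinned server is gone, release its slot and re-pin.
            self.load[server] -= 1
        server = self._pick()
        self.affinity[session_id] = server
        self.load[server] += 1
        return server

    def end_session(self, session_id: str) -> bool:
        server = self.affinity.pop(session_id, None)
        if server is None:
            return False
        self.load[server] -= 1
        return True


if __name__ == "__main__":
    pool = ServerPool(["app1", "app2", "app3"])
    for sid in ("s1", "s2", "s3"):
        print(sid, "->", pool.route(sid))
    pool.mark_down("app1")
    print("s1 after app1 failure ->", pool.route("s1"))
```

The balancer alone does not make the hand-over "seamless": the application layer must keep session state somewhere every server can read it (the database layer in a three-tier design), otherwise the re-routed user is simply logged out. That is the check to ask a provider about when they describe session fail-over.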

Compliance

Compliance: SAS 70
- SAS 70 Report
  - NDA required to release report
  - Type II report (vs. Type I report); Type II is more detailed / thorough
  - Results: No Material Exceptions were noted
- Areas Audited
  - Systems Development and Change Management
  - System Data Back-up Procedures
  - Logical Security
  - Physical Security
  - Environmental Security

Compliance: PCI
- PCI Compliant (Payment Card Industry)
  - Our Report on Compliance was accepted by both Ambiron TrustWave (highly respected PCI auditing service) and Visa.
- Encrypted Credit Card View
  - Users (except Administrator and Full Access) will not see unmasked credit card numbers except when entering a new card.
- Password requirements
  - Certain roles must change password every 90 days
  - Seven (7) characters
- Sign release to be able to see un-encrypted cards
- To verify certification see the Visa website: http://usa.visa.com/download/merchants/cisp_list_of_cisp_compliant_service_providers.pdf
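The Integrity slide says only a SHA-256-derived value of the password is kept, and the PCI slide adds the seven-character minimum, the 90-day rotation for certain roles and the masked card view for everyone except Administrator and Full Access. The following added example puts those four rules into one small credential module. It is an illustration written for this page, not NetSuite's code: which roles are subject to rotation, the PBKDF2 iteration count and the sample card number are assumptions or constructed values, and PBKDF2 over SHA-256 is used rather than a bare SHA-256 digest so that the stored value is salted and slow to brute-force.

```python
"""Password storage and the PCI-slide controls: SHA-256-based digest instead of
the password, seven-character minimum, 90-day rotation for certain roles, masked
card numbers for all but Administrator and Full Access. Added illustration, not
NetSuite's code; ROTATION_ROLES, ITERATIONS and the sample inputs are assumed."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta

MIN_LENGTH = 7                                   # slide: "Seven (7) characters"
MAX_AGE = timedelta(days=90)                     # slide: "change password every 90 days"
ROTATION_ROLES = {"Administrator", "Full Access"}  # assumed: the slide does not name the roles
UNMASKED_ROLES = {"Administrator", "Full Access"}  # slide: roles that see unmasked numbers
ITERATIONS = 200_000                             # assumed PBKDF2 work factor


@dataclass
class PasswordRecord:
    username: str
    role: str
    salt: bytes
    digest: bytes
    changed_at: datetime


def derive(password: str, salt: bytes) -> bytes:
    # PBKDF2 over SHA-256: the stored value cannot be turned back into the password,
    # and the per-user salt means two users with the same password get different digests.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)


def set_password(username: str, role: str, password: str, now: datetime) -> PasswordRecord:
    """Enforce the length rule, then store salt + digest only (never the password)."""
    if len(password) < MIN_LENGTH:
        raise ValueError(f"password must be at least {MIN_LENGTH} characters")
    salt = secrets.token_bytes(16)
    return PasswordRecord(username, role, salt, derive(password, salt), now)


def verify_password(record: PasswordRecord, password: str) -> bool:
    # Constant-time comparison so the check does not leak how many bytes matched.
    return hmac.compare_digest(derive(password, record.salt), record.digest)


def must_change(record: PasswordRecord, now: datetime) -> bool:
    """True when the role is subject to rotation and the password is 90 days old or more."""
    return record.role in ROTATION_ROLES and now - record.changed_at >= MAX_AGE


def card_view(card_number: str, role: str, entering_new_card: bool = False) -> str:
    """Mask all but the last four digits unless the role may see the full number
    or the user is entering the card, which is the slide's one exception."""
    digits = "".join(ch for ch in card_number if ch.isdigit())
    if role in UNMASKED_ROLES or entering_new_card:
        return digits
    return "*" * (len(digits) - 4) + digits[-4:]


if __name__ == "__main__":
    now = datetime(2007, 9, 1)
    rec = set_password("bob", "Administrator", "Secr3tPw", now)   # constructed sample
    print("stored digest (hex):", rec.digest.hex()[:16], "...")
    print("verify correct:", verify_password(rec, "Secr3tPw"))
    print("rotation due after 91 days:", must_change(rec, now + timedelta(days=91)))
    print("sales view:", card_view("4111 1111 1111 1111", "Sales"))   # constructed test number
```

Note that the masked view is a display control, not a storage control: the full number still has to be protected where it is stored, which is what the slide's encrypted-view wording and the release-to-view requirement are about.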

FAQ's
- Who owns the data?
  The customer; they can export it through CSV (individual reports and full CSV export), Web Services and ODBC.
- What happens if my ISP goes down?
  Call us and we'll provide dial-up instructions to reach our service (temporary solution).
- How scalable is NS?
  We use load balancers to keep load consistent across the farm. We maintain the farm such that peak usage is within our acceptable range. The acceptable range is low enough to accommodate surges and spikes without performance degradation. We also use our application so the appropriate level of management on the operations side can get visibility into future demand; therefore we have machines configured and ready to go before we need them.
- How often do we back up the data?
  Nightly.
- Where are the tapes stored?
  The tapes are archived at a remote location over 100 miles from the data center.
- Are audit trails available?
  Yes, a Login Audit Trail and a Transaction Audit Trail.