Cloud Privilege Broker Cloud Security

Public. For Information Purposes Only.

Architecture

Summary of Cloud Privilege Broker architecture, as hosted within Amazon Web Services.

Schematic showing the relationship of components. From left to right: Customer - BeyondInsight with Cloud Privilege Broker License - HTTPS to Load Balancer at the Platform - Authentication - TLS connection to Cloud Privilege Broker and Database.

Network Security

All network access controls within Cloud Privilege Broker are secured within the underlying platform.

Cloud Privilege Broker exists within its own isolated namespace and network ingress/egress within namespaces is controlled by the platform. All service-to-service communications are mutually authenticated and encrypted via Transport Layer Security (TLS) encryption provided by the platform. All customer logins are handled via BeyondInsight.

For more information, please see Network Security.

Customer Data

Each service within Cloud Privilege Broker has its own dedicated database and no user has access to database secret keys. Database credentials are provisioned by the platform and the services are allowed access via an IAM policy.

Cloud Privilege Broker’s backup data stores employ encryption at rest using AES-256, an industry standard. Storage volume snapshots of the database instance are backed up nightly and retained for 30 days.

For more information on customer data security, please see Customer Data.

Encryption

There is complete end-to-end encryption from BeyondInsight with Cloud Privilege Broker through to the Cloud Platform Infrastructure. Cloud Privilege Broker services communicate with each other through distributed queues over TLS encryption.

Access Management

Within Cloud Privilege Broker itself, no administrative access is required or permitted; administrative access is contained within the platform. All services run on hardened images with read-only file systems.

Using IRSA (IAM Roles for Service Accounts), service-to-service communication is restricted to the session required. Service boundaries are set and only the service account annotated to talk to the database can communicate with the database. This ensures that no credential leak for the database can occur.
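As an added illustration (not code from this page or from the vendor), the following Python checks whether an IAM role trust policy is pinned to exactly one Kubernetes service account, which is what makes the IRSA boundary described above hold; the OIDC provider host, account ID, namespace and service-account name are constructed placeholders.

```python
def _as_list(value):
    """IAM accepts a scalar or a list for Action and Condition values."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def irsa_trust_is_pinned(policy, oidc_host, namespace, service_account):
    """True only if every Allow statement granting sts:AssumeRoleWithWebIdentity
    pins the OIDC 'sub' claim (via StringEquals) to the single service account
    system:serviceaccount:<namespace>:<service_account> and the 'aud' claim
    to sts.amazonaws.com. A wildcard StringLike or a missing sub condition
    lets any pod in the cluster assume the role, so it fails the check."""
    expected_sub = f"system:serviceaccount:{namespace}:{service_account}"
    checked = 0
    for stmt in _as_list(policy.get("Statement")):
        if stmt.get("Effect") != "Allow":
            continue
        actions = _as_list(stmt.get("Action"))
        if not any(a in ("sts:AssumeRoleWithWebIdentity", "sts:*") for a in actions):
            continue
        checked += 1
        equals = stmt.get("Condition", {}).get("StringEquals", {})
        if _as_list(equals.get(f"{oidc_host}:sub")) != [expected_sub]:
            return False
        if _as_list(equals.get(f"{oidc_host}:aud")) != ["sts.amazonaws.com"]:
            return False
    return checked > 0


# Constructed placeholders: not an actual cluster, account or role from the page.
OIDC_HOST = "oidc.eks.us-east-1.amazonaws.com/id/EXAMPLE0123456789ABCDEF"


def make_trust_policy(sub_operator, sub_value):
    """Build a minimal IRSA trust policy with the given sub condition."""
    condition = {"StringEquals": {f"{OIDC_HOST}:aud": "sts.amazonaws.com"}}
    condition.setdefault(sub_operator, {})[f"{OIDC_HOST}:sub"] = sub_value
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Effect": "Allow",
            "Principal": {"Federated": f"arn:aws:iam::123456789012:oidc-provider/{OIDC_HOST}"},
            "Action": "sts:AssumeRoleWithWebIdentity",
            "Condition": condition,
        }],
    }


# Pinned: only the database-facing service account in its namespace can assume the role.
PINNED = make_trust_policy("StringEquals", "system:serviceaccount:cpb:db-client")
# Weak: the wildcard matches every service account in the cluster.
WEAK = make_trust_policy("StringLike", "system:serviceaccount:*:*")

if __name__ == "__main__":
    for name, pol in (("pinned", PINNED), ("weak", WEAK)):
        print(name, irsa_trust_is_pinned(pol, OIDC_HOST, "cpb", "db-client"))
```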

For more information, please see Access Management.

Process Control

Using GitOps enables continuous deployment when operating infrastructure. GitOps also provides benefits such as deployment and change logging to assist with compliance requirements.

A Git repository contains declarative descriptions of the infrastructure currently desired in the production environment and an automated process to make the production environment match the described state in the repository. This system state is version managed.