Security

Skitter takes people's privacy very seriously, to the point that we not only ask every time we request certain information; we also ensure it is used to help educate you on Skitter’s offerings. We do not collect or store any type of sensitive data such as a password.

User Information

Cognidesk processes user information for login and authentication purposes only, and passwords are stored as hashes.

Conversation Information

Cognidesk facilitates user interaction with a Virtual Assistant powered by IBM Watson.

All conversations are stored directly in the Bluemix cloud, and no information is stored by Cognidesk.

Third party applications

Cognidesk interacts with third-party applications through APIs. User information is cached only for the duration of the user session; once the session ends, this information is destroyed from the cache.

Passwords

Cognidesk does not store passwords. The length, complexity, rotation and uniqueness of the passwords will be decided and maintained by the customer at the authentication source. Customers who use external authentication methods such as LDAP or SAML will have their password policies controlled by the authentication source being used for LDAP or SAML.

Account Synchronization

Cognidesk requires every user to exist as an identity with the customer’s authentication source. This is required for supporting a wide variety of capabilities within the product.

Encryption

Cognidesk makes use of encryption for both data in transit and data at rest.

Encryption in Transit for User Traffic

Cognidesk customers access their instances over the Internet using forced Transport Layer Security (TLS) encryption (AES128/256) for all user access.

Encryption at Rest and in Transit

SSL certificates are installed in the middleware across all environments. This ensures that the contents of data in transit are protected using encrypted connections (HTTPS).

No sensitive files are stored now, but in the future, if any sensitive files are to be stored within a Cognidesk instance, the files can be encrypted.

All the REST APIs are accessible through HTTPS only.

HTTP methods and Content-Types are validated for all incoming requests.

Infrastructure Monitoring

All components of infrastructure will be monitored.

Advanced High Availability (AHA) Architecture

Cognidesk’s Docker containers are arranged in pairs. All customer production data is stored in all clusters and kept in sync using asynchronous database replication. All the containers are always active, each with the ability to support the combined production load of the pair.

Cognidesk maintains continuous, asynchronous replication from the database in the current primary data center (read-write) to the secondary data center (read-only). To transfer a customer instance from a primary data center to a secondary, Cognidesk designates the secondary to be the primary and the primary to be the secondary if it still exists.

Cognidesk’s data centers and cloud-based infrastructure have been designed to be highly available. All servers and network devices have redundant components and multiple diverse network paths to avoid single points of failure.

Overview

Cognidesk uses an agile development process that includes independent validation steps run by a separate quality team. This allows for effective prioritization of remediation efforts and feeds security feature requests into the application. Developers are trained in web application security, including, but not limited to, the Open Web Application Security Project (OWASP) Top 10.

Application Security Team

Cognidesk has a team of engineers who are serious about security implementation, and security training is integrated into the software development program. They own the customer penetration-testing regime and have an overall view of the application security environment.

Security and Penetration Testing

Cognidesk’s security testing regime, including penetration testing, is a vital component of its development practices, and as a result the security testing program is wide-ranging and extensive. Some of the important tests include checking for threats from:

1. SQL Injection
2. Broken Authentication and Session Management
3. Sensitive Data Exposure

Security of Docker Containers

Container security is ensured by running "Docker Bench for Security", an open source tool for automatically validating the configuration of a host running Docker containers.

It performs several tests that are part of the Docker CIS benchmark, such as:

1. Host Configuration
2. Docker daemon configuration
3. Docker daemon configuration files
4. Container Images and Build File
5. Container Runtime
6. Docker Security Operations
7. Docker Swarm Configuration
8. Scanning Docker images

Cognidesk understands that the confidentiality, integrity and availability of customer data and assets are vital to all organizations, regardless of size.

The Cognidesk Cognitive Automation Platform provides features and services in a secure, reliable environment. Cognidesk is committed to continually advancing technology, services, operations and security measures to provide predictable and reliable performance, availability, and continuity of service. Key benefits include: Provision to deploy on cloud.

Customer data is isolated from Cognidesk by leveraging an enterprise-grade cloud architecture
