Security has a high priority when you are developing a monitoring tool for the complete IT environment with systems, devices, networks and applications security. TSMS goes trough your entire network, so we take security very seriously. Secure coding with the focus on security risks are integrated into our day-to-day operations and the development process of TSMS. TSMS has taken among other the following security measures, to make TSMS a secure up-to-date monitoring tool:
- Monitoring an organization’s local area network (LAN) with a DMZ is not easy. The DMZ is a physical or logical sub network that contains and exposes an organization’s external-facing services to a larger and untrusted network, usually the Internet. An external network node can access only what is exposed in the DMZ, while the rest of the organization’s network is behind a firewall. Communication from the TSMS server to the TSMS agent, behind a firewall due to security rules, is sometimes not possible. Therefor we have a TSMS Agent fully stand alone, the only connection is triggered from Agent to Server. If the security is so high that all ports are closed and no communication is allowed to the outside, the standard TSMS agent does not do the trick. For this situation we offer the TSMS email agent, which only send notification and status messages through mail to the TSMS server.
- API: Malicious assaults and denial-of-service attacks are increasingly targeting enterprise applications as back-end systems become more accessible and usable through cloud, mobile and in on-premise environments. An API is a major point of vulnerability, given its ability to offer programmatic access to external parties with few organically available controls. TSMS has no automatic APIs available for hackers, so there is no risk of an API hack.
- TSMS User passwords are conform the Dutch “B.02 9 van de ICT Richtlijnen voor webapplicaties van het NSCS”.
- Https: To secure the communication between the TSMS server and the user. This provides the guarantee that one is communicating with the TSMS server instead of an impostor, as well as ensuring that the contents of communications between the user and the site cannot be read or forged by any third party.
- Encryption: TSMS will use the Rule of Two for multiple encryption for their data between client and server. The Rule of Two is a data security principle from the NSA’s Commercial Solutions for Classified Program (CSfC). It specifies two completely independent layers of cryptography to protect data.