Getting Started with vuSmartMaps > Security and Compliance
1. Getting Started with vuSmartMaps™
3. Console
5. Configuration
6. Data Management
9. Monitoring and Managing vuSmartMaps™
Step into the heart of VuNet Systems’ commitment to digital security. In a world where trust is paramount, we unveil a behind-the-scenes look at how every line of code, encryption measure, and access protocol reflects our dedication to safeguarding customer data.
vuSmartMaps™, a big data-based, AI/ML-enabled real-time observability platform, excels in ingesting data from heterogeneous systems. The logical architecture, depicted in the below Figure, consists of three layers: Data acquisition, Analytics, and Consumption. This design enables seamless integration of various telemetry types, providing end-to-end customer journey views.
The below figure illustrates vuSmartMaps’ typical deployment architecture. It is delivered as a software appliance with docker container-based services. This encompasses data collection layers, data pipelines, data storage, analytics engines, and web service layers. The platform employs both agent-based and agent-less telemetry collection methods.
Read more about platform architecture and key services here.
At VuNet Systems, meticulous handling of personal data is paramount. The approach is comprehensive, covering all forms of personal data, including special categories. Collection methods range from direct input to third-party sources, emphasizing compliance with legal obligations and ensuring data protection.
Regarding international data transfers, stringent protocols ensure GDPR compliance. Employee rights are prioritized, granting control over data. Continuous improvement and transparency drive regular policy reviews.
VuNet Systems employs a balanced strategy for data access and control. Logical access control incorporates robust authentication mechanisms and follows the principle of least privilege. Dynamic management of user access rights ensures alignment with current job roles.
Our comprehensive strategy incorporates end-to-end encryption and data segregation. The Cryptography Policy plays a pivotal role in secure key management, emphasizing proper handling, allocation, and disposal of cryptographic keys. This approach extends to data in transit and at rest, ensuring the highest level of confidentiality.
VuNet Systems adopts robust TLS/SSL encryption for data in transit, safeguarding against interception. For data at rest, encryption methods secure information on physical and cloud-based storage solutions. Cryptographic controls are meticulously managed, ensuring comprehensive protection.
Handling Personally Identifiable Information (PII) aligns with vuSmartMaps’ standard procedure of not collecting PII information from customers. As a proactive measure, in the event PII data becomes necessary, we assure users that a comprehensive classification process and rigorous controls will be implemented to safeguard customer data and ensure compliance with data protection regulations.
Data segregation, guided by the Information Classification Policy, categorizes data for enhanced security. Different classifications trigger tailored security measures, ensuring heightened protection for sensitive data. The policy covers both internally generated and externally received data, fostering a comprehensive security approach.
In shared environments, where multiple entities coexist, stringent data segregation measures ensure that each entity’s data remains isolated and secure. Robust access controls, encryption protocols, and regular audits are implemented to maintain the integrity and confidentiality of shared data.
In the dedicated environment designed for specific entities, data segregation strategies continue to be crucial. Here, security measures are configured to meet the unique requirements of each dedicated entity, fostering a personalized and highly secure data environment.
By implementing data segregation in both shared and dedicated settings, our approach is twofold, providing comprehensive protection for data, regardless of the operational context. This dual-layered strategy underscores our commitment to safeguarding information and instills confidence in the security and integrity of data for all stakeholders.
VuNet Systems’ network architecture emphasizes resilience and security. Advanced technologies, including segmentation and virtualization, control and isolate network segments. Intrusion prevention encompasses the use of IDS/IPS systems, coupled with regular internal and external vulnerability assessments and penetration testing. Internally, we conduct these assessments periodically to proactively identify and address potential vulnerabilities. Additionally, external assessments, conducted once a year, provide an unbiased perspective, ensuring a robust security posture against evolving threats.
Secure access protocols include strong authentication mechanisms, encryption for data in transit, and VPNs for remote access. Access controls follow the principle of least privilege and RBAC. Regular security audits and compliance checks ensure protocol effectiveness.
Agent security at VuNet Systems prioritizes secure access and efficient privilege management. Leveraging the identity provider, an open-source identity and access management tool ensures precise control over user privileges.
The identity provider facilitates sophisticated authentication and authorization processes at VuNet Systems. Access is regulated based on comprehensive evaluations of user privileges, enhancing security.
RBAC is managed through user management, streamlines, and secures access. Specific roles and permissions align with organizational roles, following the principle of least privilege. This approach ensures secure access tailored to user responsibilities.
Comprehensive audit trails and logging mechanisms track system and user activities. Logs are analyzed for unusual patterns, offering insights into security incidents. This transparency is integral to VuNet Systems’ cybersecurity strategy.
Security audits and assessments are embedded in every software release. Thorough evaluations for vulnerabilities and adherence to security best practices ensure a secure software development lifecycle.
Adherence to industry standards ISO 27001 and SOC 2 demonstrates VuNet Systems’ commitment to information security. These standards ensure effective management of information security and client data protection.
Third-party audits, including Vulnerability Assessment and Penetration Testing (VAPT), provide an objective evaluation of VuNet Systems’ security posture. These assessments identify vulnerabilities and simulate real-world attack scenarios, reinforcing our commitment to continuous improvement and external validation.
Browse through our resources to learn how you can accelerate digital transformation within your organisation.
VuNet’s Business-Centric Observability platform, vuSmartMaps™ seamlessly links IT performance to business metrics and business journey performance. It empowers SRE and IT Ops teams to improve service success rates and transaction response times, while simultaneously providing business teams with critical, real-time insights. This enables faster incident detection and response.