Miros Cloud: Talking Security with Senior Software Developer Martin Markman
The advent of our “as a service” offering makes Miros Cloud an ever more central part of what makes us tick. As a result, we felt it was important to answer some key questions about the security of this feature.
As we round off the summertime symposium on all things Miros Cloud, it felt natural to consider a few more questions about the platform, this time focused specifically on Cloud security. We challenged Miros Senior Software Developer, Martin Markman, to clear up some common queries and misconceptions.
When you say that data is stored “in the Cloud”, what do you mean?
Traditionally, the software being used by a company was hosted on local computers on that company’s premises, and this infrastructure was generally maintained by the company itself. “The Cloud” refers to software and services that are accessed via the Internet, rather than on local machines.
Think about your email account. When you use your chosen email provider (Gmail, Outlook, etc.) you are not hosting your own email server, you’re making use of a Cloud-based service offering. You can access it from anywhere, at anytime, and on any device with an Internet connection.
Practically speaking, the physical infrastructure resides where the Cloud provider is based (in Miros’ case, at Microsoft Azure’s data center in Dublin), rather than where the software is developed or, indeed, where the end user accesses it. Making use of a Cloud provider often offers a lower hosting cost compared to doing so on company premises, as well as allowing for better maintenance and monitoring (this is taken care of by the Cloud provider), and better security.
So where exactly is my data?
Your data is in the Cloud.
We use Microsoft Azure, whose Northern European operations are currently based in Dublin, as our Cloud provider. Nevertheless, this is essentially irrelevant since Microsoft could move these operations to another location without any impact to the service. As with your email account, you may not know where the physical infrastructure associated with it is located, and this has no impact on your experience as a user.
For any necessary posting, storage or deleting of your data, we use a database service. This is the system that handles the physical aspects of your data, as well as the means of communicating with it.
What do you do to keep my data safe?
Communication with the database service is always encrypted and it requires a key. The Cloud provider will try to eliminate any attack.
Wouldn’t it be safer to keep our data on a computer at our company HQ?
In almost all cases, no.
A physical server can be stolen, and your company HQ will often have less physical protection compared to a Cloud data centre. Nobody has access to the precise machine were your data resides. No one can “log into the computer and take the data out”.
An office computer is also – more often than not – far less protected in terms of access, with access tokens frequently being insufficiently guarded.
How can I access my data?
You can view your data, even in real time, in our web application. You can also download your data from this location. You can access your data at any time, from any location, and on any device so long as it has an Internet connection – and providing you have the necessary credentials and clearance.
How do I know that my data can’t be accessed by other people? How do you separate each customer’s data?
We know that nobody has access to your data without using our database service – this is in the agreement with our Cloud provider. We separate our tenants’ data by using the tenant ID you provide us with when you log into our web application. When you log in via your company’s log-in screen, the information you provide enables us to control what data you can access.
Has there ever been a breach?
No, the data has never been breached.
If I starting using Miros Cloud and then I want to stop using it, what happens to my data?
Miros customers own their historical data and as such, customers decide how to use this data and what happens to it. The specifics of this are covered in more detail in the associated terms and conditions.
Do you have a backup in case something goes wrong?
Yes, we have a backup. This is located in a different geographical region to the primary data centre provided by Microsoft Azure.
Why can’t I just keep doing things the way we used to? Why is the Cloud so much better?
Using the Cloud gives us confidence that the security and maintenance of our infrastructure are adequately taken care of. In addition, it is an inexpensive way to save huge amounts of data, thus ensuring customers get a great user experience at a low price. Furthermore, our customers don’t have to worry about updating software locally, since this is taken care of by us at Cloud level.
In short, just as with your email account, you can rest assured that all you need to do is log in and take whatever actions you like. We take care of everything else.
How can I trust that my data will not be accessed by any external party during the data transfer process?
All data is encrypted during the transfer process. Communication with our database service is strictly over HTTPS, using a secure SSL connection. This means that the data in transit is encrypted with a certificate agreed upon by both parties.