Workativ Assistant processes user information for login and authentication purposes only and passwords are stored as hash.
Workativ Assistant facilitates user interaction with Virtual Assistant powered by IBM Watson.
All conversations are stored directly into Bluemix cloud and no information is stored by Workativ Assistant.
Workativ Assistant interacts with 3rd party applications through APIs. User Information is cached only till the user session lasts and once session ends, this information is destroyed from the cache.
Workativ Assistant does not store passwords. The length, complexity, rotation and uniqueness of the passwords will be decided and maintained by the customer at the authentication source. Customers who use external authentication methods such as LDAP or SAML will have their password policies controlled by the authentication source being used for LDAP or SAML.
Workativ Assistant requires every user to exist as an identity with the customer’s authentication source. This is required for supporting a wide variety of capabilities within the product.
Workativ Assistant makes use of encryption for both data in transit and data at rest.
Workativ Assistant customers access their instances over the Internet using forced Transport Layer Security (TLS) encryption (AES128/256) for all user access.
SSL certificates are installed in the middleware across all environments. This ensures that the contents of data in transit are protected using encrypted connections (HTTPS).
No sensitive files are stored now, but in the future, if any sensitive files are to be stored within Workativ Assistant instance, the files can be encrypted All the REST APIs are accessible through HTTPS only HTTP methods and Content-Types are validated for all incoming requests.
All components of infrastructure will be monitored.
Workativ Assistant's Docker containers are arranged in pairs. All customer production data is stored in all clusters and kept in sync using asynchronous database replication. All the containers are always active, each with the ability to support the combined production load of the pair.
Workativ Assistant maintains continuous, asynchronous replication from the database in the current primary data center (read-write) to the secondary data center (read-only). To transfer a customer instance from a primary data center to a secondary, Workativ Assistant designates the secondary to be the primary and the primary to be the secondary if it still exists.
Workativ Assistant data centers and cloud-based infrastructure have been designed to be highly available. All servers and network devices have redundant components and multiple diverse network paths to avoid single points of failure.
Workativ Assistant uses an agile development process that includes independent validation steps run by a separate quality team. This allows for effective prioritization of remediation efforts and provides security feature requests into the application. Developers are trained in web application security, including, but not limited to the Open Web Application Security Project (OWASP) Top 10.
Workativ Assistant has a team of engineers who are serious about security implementation and security training is integrated into the software development program. They own the customer penetration-testing regime and have an overall view of the application security environment.
Workativ Assistant’s security including penetration testing regime is a vital component of its development practices and as a result the security testing program is wide-ranging and extensive. Some of the important testing done include checking of threats from:
1. SQL Injection
2. Broken Authentication and Session Management
3. Sensitive Data Exposure
Security of containers is being ensured by running "Docker Bench for Security", an open source tool for automatically validating the configuration of a host running Docker containers.
It performs several tests that are part of the Docker CIS
benchmark, such as:
1. Host Configuration
2. Docker daemon configuration
3. Docker daemon configuration files
4. Container Images and Build File
5. Container Runtime
6. Docker Security Operations
7. Docker Swarm Configuration
8. Scanning docker images
Workativ Assistant understands that the confidentiality, integrity and availability of customer data and assets are vital to all organizations, regardless of size.
The Workativ Assistant Cognitive Automation Platform provides features and services – in a secure, reliable environment. Workativ Assistant is committed to continually advancing technology, services, operations and security measures to provide predictable and reliable performance, availability, and continuity of service. Key benefits include: Provision to deploy on cloud.
Customer data is isolated from Workativ Assistant by leveraging an enterprise-grade cloud architecture