WISdom Service Information
The WISDOM services were designed with low performance and security footprint in mind. Below is a list of security protocols and features that are followed or implemented for the CHM and WISdom services:
-
Data Collection – The data collected by WISdom consists of metadata, runtime and configuration data and leverages WMI and SQL calls to capture the required data. No sensitive data is transferred to Fortified WISdom environment.
-
Frequency of Collection – WISdom was designed to minimize the resource footprint for data collection. The data collection is intelligent and only captures data based on the need. Most data is collected once a minute to once a day, depending on the type of data.
-
Upload Destination – Each client has a dedicated S3 bucket which is created during the initial setup that only that client can access. This AWS S3 bucket is used to upload and temporarily store data before it is processed by WISdom.
-
Data Encryption – Data is encrypted and uploaded to the dedicated AWS S3 bucket using TLS and is encrypted at rest using server-side encryption.
-
Access to Encrypted Data – The configuration updates are sent using the AWS S3 bucket and are encrypted using a certificate that exists only on our central server and the machine running on the WISdom service in your environment. Client and Fortified are the only participants that can access the data and encryption keys.