Blog

TOKN Security/Scalability

TOKN Security/Scalability

By Beaton Nyamapanda

The TOKN Technology Enterprise Mobility is a solution that allows enterprises to make their workforce more productive by embracing the Bring-Your-Own-Device (BYOD) culture and make information, systems and apps available on mobile phones. Having these systems on mobile phones in a form users are used to means they get more work done, faster and from anywhere. Combined with the offline capabilities of the platform, connectivity is not an issue, the limiting factor becomes mobile phone battery life.

How does this all work together? And is it Secure? Is it Scalable?

Having thousands of users connecting to a single system, like ours, requires optimal and automatic management of server and database resources. The last thing mobile users want is bottlenecks in a critical system, leading to timeouts and delays when doing any work. For example, when submitting a time-sheet that directly affects their salary, no one wants to be told that their time-sheet was submitted late because the server was too busy and therefore tied up to process that time-sheet.

To make sure this does not happen, we have designed the TOKN Enterprise Mobility platform to be scalable from the ground up. AWS forms the backbone of the system with different AWS services working to make sure that the system is always available. When demand increases, resources are automatically scaled up. Load balancers scaling groups and availability zones are used together to make sure that not only is the system scalable but also highly resilient.

Security is important, to us and our clients. This means all components of architecture has to be secure and run secure channels of communication. Users always expect the highest levels of security for their enterprise system and we do a good job of providing that. Cloud security is important as there have been several hacking cases and data exposure. But studying these case studies and following industry security standards means data stored in the cloud can be better protected.

TOKN offers Bi-directional communication between the TOKN client and connected systems. Secured by 1024 bit and 2048-bit RSA keys for SSL. Communication between the mobile client and the TOKN Server is encrypted with a 2048-bit SSL certificate using Secure Web Sockets.

There is no maintaining of passwords and credentials on the device. Users are seamlessly authenticated using only their mobile number and a push message from TOKN.

Data within the whole solution is encrypted at rest and in transit. Data within all databases is encrypted as rest making it difficult to access even in the event of a breach to our core infrastructure.

All components of our solution run within AWS VPC. Amazon VPC allows for more granular control of the cloud network, which provides an extra layer of security for workloads and data. Network firewalls built into Amazon VPC, and web application firewall capabilities in AWS WAF let us control access to our instances, applications and databases. In addition, very restrictive firewall policies are applied to all instances or containers running any of our applications. These policies define only a few ports to be opened and accessible from the internet. In some cases, some resources are locked down and not accessible from the internet but only from the TOKN VPC. Some resources have a single port opened via these security policies.

TOKN Technology takes care of this Security configuration, this takes the workload off of our customers, while at the same time benefiting all customers.

All of these when combined mean that the security of the applications and the data is maintained. The TOKN Technology Enterprise Mobility is truly secure and scalable.

 

Posted
July 19, 2019

Share