SaaS Security: Securing Zenoss in a SaaS World

As enterprise IT organizations evaluate cloud-based services, security can be a primary concern — both in terms of the security of the customer data associated with the application as well as the potential for breaches of the customer’s IT environment. Zenoss takes a comprehensive approach to SaaS security, addressing it from both a product and process perspective, to ensure the integrity of monitoring operations.

The Zenoss approach to SaaS security begins with the cloud hosting platform. Google Cloud has become one of the most secure cloud platforms available due to its broad compliance with common industry security certifications, including various ISO and SOC standards. Zenoss Cloud benefits directly from the advanced security features that make these certifications possible. It uses Google’s platform features to ensure that user data is always protected, in flight or at rest. And it benefits from constant monitoring by the Google security team to ensure that critical infrastructure assets are always available and never compromised.

The Zenoss Cloud platform adopts numerous best practices to ensure that all communications between its components are protected. Firewalls that prevent tenants from accessing data outside their role are enabled by default. Clients can use demilitarized zones (DMZs) to be very prescriptive in how they allow access into and out of their networks. All connections can be secured with credentials that limit access to only data needed for monitoring. All passwords are encrypted in flight and stored securely.

Zenoss Cloud also offers numerous controls to enable administrators to clearly specify access levels for every user on the system. This ensures that team members have rapid and frictionless access to the data they need to do their jobs without risking exposure by granting too much access to any particular account. Zenoss uses the Auth0 authentication service, which integrates with client identity services (like LDAP) to log in users and protect from brute-force access attempts.

Finally, Zenoss Cloud is a managed SaaS offering, which means Zenoss takes on the responsibility for ensuring that the product implementation continues to follow best practices for ensuring the secure transmission and storage of privileged user data. This includes regular security reviews when implementing new features and regular security updates to software across the entire platform to ensure that attack surface areas for any platform component are as small as possible.

Zenoss is committed to ensuring the continued security and integrity of customer operations data. If you’d like to experience the secure features of Zenoss Cloud for yourself, please ask for a demo!