Using Structural securely
Last updated
Was this helpful?
Last updated
Was this helpful?
Was this helpful?
To generate de-identified data, Tonic Structural requires access to customer data that might be sensitive in nature, protected by regulation or contract, or that otherwise requires special handling to meet processing obligations.
To ensure the security of your data, when you configure and use the Structural application, Structural advises that you use industry best practices for secure data handling.
We have compiled the following recommendations for using Structural securely. This list of suggestions is not comprehensive, and is based on a general use case.
Your use case might require additional considerations depending on the type of data that is processed, your underlying systems, and other legal and organizational requirements.
The following recommendations apply both to Structural Cloud and to self-hosted instances of Structural.
You should grant Structural accounts to users based on the principle of least privilege. Each user should only have access to the workspaces and datasets that they need to perform their required tasks.
Structural produces de-identified data that is stored in destination databases. Some end users might not need access to the Structural application at all, but still need access to the destination data.
Restricting access to Structural includes restricting access to the application and to the API keys that provide access to the Structural API.
Periodically review the current user access to Structural to ensure that the current access levels are appropriate.
Maintain protective measures for data as it moves from your data store to Structural.
Configure databases that the Structural application connects to (source and destination databases) to only accept encrypted connections that use industry standard cryptographic algorithms.
Make sure that there are physical security and environmental controls for all of your devices and access points.
This includes devices that are used by remote or home-based employees who use Structural.
If you have a Professional or Enterprise license, use an external identity provider to manage access to Tonic.
When you use an external identity provider, you can control the password, multifactor, location, and other authentication requirements to meet your specific use case.
For self-hosted instances, the following additional recommendations apply.
Deploy Structural in an environment that prevents unauthorized and accidental access from outside the system.
This can include:
Configuring and using web application and network firewalls.
Using AWS Security Groups, Azure Network Security Groups, or Google Cloud firewall rules to control access to Structural and to control Structural access to other networked devices.
Using firewalls or stateless access control lists to deny traffic on unapproved ports or based on the traffic direction or type.
If applicable, allowlisting end-user traffic to IP addresses within a network or VPN.
Maintain protective measures for data as it moves from your end users to the Structural application. Configure your infrastructure deployment to use encryption-in-transit. Structural can be configured in multiple ways to use and enforce encryption-in-transit.
Tonic.ai recommends that all customers who deploy Structural enforce encrypted communication.
Inbound traffic to the Structural application can be a load balancer configured with TLS termination. Some customers either do not want to or cannot use a load balancer. In that case, when you set up Structural, you install a certificate to encrypt inbound traffic to the Structural application. You can also use this configuration to ensure encrypted communication between the load balancer and the application.
For outbound traffic (traffic from the Structural application to source and destination databases), you can configure Structural to enforce SSL/TLS communication.
For increased security, ensure that the Structural web server only listens on https and not on http.
To configure this, set the environment setting TONIC_HTTPS_ONLY to true.
Go to Configuring environment settings.
Because of its access to sensitive data, you should configure and monitor network traffic for environments that run the Structural application.
At a minimum, Tonic.ai suggests that you use industry standard IDS/IPS systems to detect unauthorized access.
Use industry standard disk encryption on all of the underlying storage that is associated with your Structural instances and the associated databases.
Collect logs from Structural components and analyze them for anomalies that indicate malicious acts, natural disasters, and errors. Analyze anomalies to determine whether they represent security events.
Enable log sharing with Tonic.ai to allow Tonic.ai staff to monitor these logs. Tonic.ai staff can apply their domain knowledge of Structural to the log analysis.
Tonic.ai releases updates to the Structural software multiple times a week. Updates can include fixes to improve Structural security.
We recommend that you upgrade Structural at least once every two weeks. For details, go to Updating Structural.