When Indeni is able to connect to critical infrastructure of clients, how save is client data? How much data will be accessible by Indeni and what would it be used for aside automation processes?
Hi @Polz this is a really important question gets asked a lot. First all our communication is done over SSH or HTTPS, so all communication is encrypted. We support custom SSH keys if that becomes a mandate for the organization.
Indeni analyzes data in a stateless manner. This mean that once we are done parsing the raw data, we discard it and only save the analyzed data.
A good example of this is running mpstat: cpu-usage. We only collect the CPU and memory as a snapshot of the data we collected. That analyzed data can then be used to determine additional risks to be aware of.
Hello Polz!
I wanted to follow-up to Charles’ post and link Part 7 of our User Guide, which gives more detail about Security and the System: https://indeni.com/docs/user-guide/part-7-security/
I also wanted make sure you review Indeni Insights too, since security questions may come up around that as well: https://indeni.com/docs/user-guide/part-1-understanding-the-basics/1-3-indeni-insight/
Please let us know if you have any additional security related questions or concerns here, and we’ll make sure they get addressed ASAP.
Cheers,