Security Processes
Last Updated: Sept 2024
1. Introduction
Byond by OpusXenta is a comprehensive business management software solution designed to support cemeteries, crematoria and funeral homes.
Making sure your data is secure, and protecting it, is one of OpusXenta’s most important responsibilities. We’re committed to being transparent about our security practices and helping you understand our approach.
2. Security and Compliance
OpusXenta has established an industry-leading security program, dedicated to ensuring customers have the highest confidence in our custodianship of their data. Our Information Security Management System (ISMS) is aligned to the ISO 27000 standards.
2.1 Data Sovereignty
Byond provides hosting options in Australia, the USA and Europe so that customer data is stored and processed within the customer's chosen region. Each AWS region used contains at least three availability zones (AZs), each made up of one or more physically separate data centres. Data and services are replicated across zones within the region for high availability.
2.2 Data Ownership
The customer always owns their data. OpusXenta collects and processes data on behalf of the customer as required to provide and support the platform, as further detailed in the Privacy Policy.
3. Shared Security Responsibility Model
OpusXenta strives to protect the confidentiality, integrity and availability of all critical information and stored customer data.
OpusXenta manages security “of” the application; security “in” the application is the responsibility of the customer. The hosted Byond solution is provided as software-as-a-service, a fully functioning modern web application. OpusXenta is responsible for procuring, configuring, monitoring and maintaining all aspects of the computing environment, from the servers to the application.
The customer is responsible for managing the access of their authorised users, password policies and configuring roles and permissions within the application itself.
Layer | Responsibility |
---|---|
Identity | Customer Responsibility |
Data/Content | Customer Responsibility |
Application | Customer + OpusXenta Responsibility |
Operating System (guest) | OpusXenta Responsibility |
Virtualisation | OpusXenta Responsibility |
Network | OpusXenta Responsibility |
Infrastructure | AWS Responsibility |
Physical | AWS Responsibility |
Byond is hosted in the public cloud with AWS. AWS provides state-of-the-art data centers and a world-leading compliance program. AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which Byond operates. AWS manages the network devices, but OpusXenta is responsible for secure network configuration.
If a customer chooses to self-host the solution, the customer takes responsibility for every layer from the Operating System down, including the infrastructure and physical layers that AWS provides in the hosted service.
4. Personnel Security
All OpusXenta staff undergo screening checks before employment including reference, qualification and police checks. Security awareness training is provided at initiation and continuously throughout the year. Staff with privileged access to systems or data receive additional job-specific training on privacy and security. Personnel requiring access to production systems or customer data are required to have undergone appropriate security clearances.
OpusXenta has appointed a Chief Information Officer who is responsible for the performance of the ISMS. All staff have security responsibilities assigned as part of their roles.
5. Identity and Access Management
Byond provides out of the box functionality to support secure access control for customers:
- Role-Based Access Control (RBAC) for configurable, granular provision of permissions and functionality to users
- a SAML 2.0 compliant Service Provider interface configurable for either, or both, Administration and Student portals (coming 2024H2)
When the system is configured to use the native password authentication, password length and complexity requirements are enforced by the system with configurable password policies, including a banned word dictionary. Password expiration can be configured.
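The password rules described above (minimum length, complexity, a banned-word dictionary and expiry) can be expressed as a small policy checker. The code below is an added illustration written for this page, not Byond's own implementation; the threshold values and the banned-word list are assumptions chosen for the example, since the page does not publish the defaults. The dictionary check normalises case, accents and common symbol-for-letter substitutions first, so that “P@ssw0rd” is still caught by the banned word “password”.

```python
import re
import unicodedata
from datetime import date, timedelta
from typing import List, Optional

# Illustrative policy values (assumptions for this example; the real Byond
# defaults are configurable and are not stated on this page).
MIN_LENGTH = 12
MIN_CHAR_CLASSES = 3          # of: lowercase, uppercase, digit, symbol
MAX_AGE_DAYS = 90
BANNED_WORDS = {"password", "byond", "opusxenta", "cemetery", "welcome", "qwerty"}

# Common symbol/digit-for-letter substitutions, so "P@ssw0rd" is still
# matched against the banned word "password".
_LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "i", "!": "i",
                       "0": "o", "$": "s", "5": "s", "7": "t"})


def _normalise(text: str) -> str:
    """Strip accents, fold case and undo leet-speak before dictionary matching."""
    ascii_text = unicodedata.normalize("NFKD", text).encode("ascii", "ignore").decode()
    return ascii_text.casefold().translate(_LEET)


def check_password(password: str, username: str = "") -> List[str]:
    """Return every policy violation found; an empty list means the password passes."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = sum(bool(re.search(pattern, password))
                  for pattern in (r"[a-z]", r"[A-Z]", r"[0-9]", r"[^A-Za-z0-9]"))
    if classes < MIN_CHAR_CLASSES:
        problems.append(f"uses fewer than {MIN_CHAR_CLASSES} character classes")
    norm = _normalise(password)
    hits = sorted(word for word in BANNED_WORDS if word in norm)
    if hits:
        problems.append("contains banned word(s): " + ", ".join(hits))
    if len(username) >= 3 and _normalise(username) in norm:
        problems.append("contains the username")
    if re.search(r"(.)\1{3,}", password):
        problems.append("repeats one character 4 or more times")
    return problems


def password_expired(last_changed: date, today: Optional[date] = None) -> bool:
    """True when the password is older than the configured maximum age."""
    today = today or date.today()
    return today - last_changed > timedelta(days=MAX_AGE_DAYS)
```

Returning the full list of violations, rather than stopping at the first, lets the application show the user everything that needs changing in one round trip; the expiry check is kept separate because it is evaluated at login time, not at password-set time.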
Access for OpusXenta staff to the application and infrastructure is provided on a least necessary privilege basis.
6. Standard Operating Environments
OpusXenta uses a documented Standard Operating Environment for all servers. The servers are provisioned as documented and all changes to the environment go through OpusXenta secure development practices.
7. Patch Management
Operating systems automatically apply security updates weekly. Application vulnerabilities are identified through automated systems. The patching and upgrade of software components is incorporated into regular software development procedures and release schedules.
Critical issues and security patches may necessitate an out-of-cycle release, but these are processed through standard change management workflows.
8. Software Development
OpusXenta uses a Secure by Design approach in our Software Development Life Cycle. Security is considered in the design, development and testing of our software. We use a series of software development environments including development, staging and production. Software can only progress to the next environment after passing all checks at each stage, including mandatory internal peer code review, static code analysis, automated unit and integration testing, manual QA and UAT.
Access to release branches in the code version repository is strictly limited. OpusXenta uses static code analysis tools to identify known classes of vulnerability in developed code, run as part of the automated build pipeline.
OpusXenta web applications are developed using security best practice. All developers are trained to be aware of OWASP security guidelines. Database queries are parameterised. Application inputs are validated and outputs are encoded for the context in which they are rendered. Errors and exceptions are logged and monitored. User authentication passwords held within the database are stored salted and hashed.
9. Database Systems
Each customer uses a logically isolated database. Each customer database is provisioned with its own unique credentials, so credentials for one tenant cannot be used to reach another tenant's data. All use and administration of the database is through the web application frameworks, minimising any exposure through direct database access. Database administrator accounts are only used to provision less privileged accounts for system use.
The network is designed to restrict access to the database to the fewest necessary systems. All database data is encrypted at rest using AES-256 with secure key management procedures.
Production, test and development environments are strictly separated on both the database and application server basis.
10. Network Security
OpusXenta divides its systems into separate networks (AWS VPCs) to better protect more sensitive data. Systems supporting testing and development activities are hosted on a separate network from production systems. Customer data is only permitted to exist in the production and staging networks.
Network access to the production environment from open, public networks (the internet) is restricted. Only required network protocols and ports are exposed to minimize the potential attack surface for malicious actors. Changes to the production network configuration are restricted to authorised personnel and all changes logged. OpusXenta uses an Infrastructure as Code approach to the network configuration which uses versioned repositories and is deployed through automations to avoid potential misconfiguration.
Multitenancy: the network and application layers are shared but each customer uses a logically isolated database and object storage in an isolated namespace.
11. Cryptography
Data at rest and in transit is encrypted with modern cryptographic algorithms and protocols.
Transport Layer Security (TLS) is used for all public network connections, with a configuration that meets an SSL Labs A rating. TLSv1.0 and TLSv1.1 are disabled unless required for legacy application support; because SSL Labs caps the grade of any endpoint that still offers those versions, an endpoint with them enabled would not hold the A rating. HTTP Strict Transport Security (HSTS) instructs browsers that have seen the site to use only TLS for subsequent connections, so a plain-HTTP request is never sent after the first visit.
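A practitioner verifying the two claims above would want to check the TLS version floor a client enforces and whether a response's HSTS header actually keeps browsers on TLS. The code below is an added example for this page, not part of Byond or OpusXenta's tooling; the one-year minimum `max-age` is the assumption used by common baselines and preload lists, and the header strings in the test are constructed inputs.

```python
import ssl
from typing import Dict, List, Optional

ONE_YEAR = 31_536_000   # seconds; the max-age floor most baselines and preload lists expect


def hardened_client_context() -> ssl.SSLContext:
    """A client context that verifies certificates and refuses TLS 1.0/1.1."""
    ctx = ssl.create_default_context()          # CA verification and hostname check on
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def tls_floor_ok(ctx: ssl.SSLContext) -> bool:
    """True when the context will never negotiate below TLS 1.2."""
    return ctx.minimum_version >= ssl.TLSVersion.TLSv1_2


def parse_hsts(header: str) -> Dict[str, object]:
    """Parse a Strict-Transport-Security header value (RFC 6797 directive syntax)."""
    result: Dict[str, object] = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in header.split(";"):
        name, _, value = directive.strip().partition("=")
        name = name.strip().lower()               # directive names are case-insensitive
        value = value.strip().strip('"')
        if name == "max-age" and value.isdigit():
            result["max_age"] = int(value)
        elif name == "includesubdomains":
            result["include_subdomains"] = True
        elif name == "preload":
            result["preload"] = True
    return result


def hsts_problems(header: Optional[str], min_age: int = ONE_YEAR) -> List[str]:
    """Report why a response's HSTS header would not keep clients on TLS."""
    if not header:
        return ["no Strict-Transport-Security header"]
    h = parse_hsts(header)
    problems = []
    if h["max_age"] is None:
        problems.append("max-age directive missing")
    elif h["max_age"] == 0:
        problems.append("max-age=0 tells browsers to forget the policy")
    elif h["max_age"] < min_age:
        problems.append(f"max-age {h['max_age']} is below {min_age}")
    if not h["include_subdomains"]:
        problems.append("includeSubDomains not set; subdomains can still be reached over HTTP")
    if h["preload"] and (not h["include_subdomains"] or (h["max_age"] or 0) < ONE_YEAR):
        problems.append("preload requires includeSubDomains and max-age >= 1 year")
    return problems
```

The `minimum_version` setting is the client-side counterpart of the server policy the page describes: even if a server were to keep TLS 1.0 for a legacy client, this context refuses to negotiate it. The HSTS check is deliberately strict about `includeSubDomains`, since a single HTTP-only subdomain is enough to strip the protection for cookies scoped to the parent domain.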
AWS S3 is used for storage of documents and other unstructured data. S3 buckets are securely configured, objects are private and encrypted at rest using AES-256.
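“Securely configured” S3 buckets usually means, at minimum, a bucket policy that refuses requests not made over TLS and uploads that do not request server-side encryption, alongside S3 Block Public Access. The code below is an added example for this page, not OpusXenta's actual bucket policy; the bucket name is hypothetical, and the audit function is a small posture check of the kind a Cloud Security Posture Management tool performs, written so it can be run offline against a policy document.

```python
import json
from typing import Dict, List

BUCKET = "example-byond-documents"   # hypothetical bucket name for the example


def secure_bucket_policy(bucket: str) -> Dict[str, object]:
    """Bucket policy with two explicit Deny statements (assumed minimum baseline)."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # Refuse any request, from any principal, that did not arrive over TLS.
                "Sid": "DenyInsecureTransport",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": [arn, f"{arn}/*"],
                "Condition": {"Bool": {"aws:SecureTransport": "false"}},
            },
            {   # Refuse uploads that do not explicitly request server-side encryption.
                "Sid": "DenyUnencryptedUploads",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:PutObject",
                "Resource": f"{arn}/*",
                "Condition": {"StringNotEquals": {
                    "s3:x-amz-server-side-encryption": ["AES256", "aws:kms"]}},
            },
        ],
    }


def policy_json(bucket: str) -> str:
    """Serialised form suitable for `aws s3api put-bucket-policy --policy file://...`."""
    return json.dumps(secure_bucket_policy(bucket), indent=2)


def audit_bucket_policy(policy: Dict[str, object]) -> List[str]:
    """Return the names of baseline controls this policy does NOT enforce."""
    missing = {"deny-insecure-transport", "deny-unencrypted-upload"}
    for statement in policy.get("Statement", []):
        if statement.get("Effect") != "Deny":
            continue
        condition = statement.get("Condition", {})
        actions = statement.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if (condition.get("Bool", {}).get("aws:SecureTransport") == "false"
                and "s3:*" in actions):
            missing.discard("deny-insecure-transport")
        sse = condition.get("StringNotEquals", {}).get("s3:x-amz-server-side-encryption")
        if sse and ("s3:PutObject" in actions or "s3:*" in actions):
            missing.discard("deny-unencrypted-upload")
    return sorted(missing)
```

Two caveats a practitioner should keep in mind: a bucket-policy Deny applies to the bucket owner's own automation as well, so every uploader must send the encryption header; and since S3 now encrypts new objects by default, the second statement enforces explicit intent rather than being the only thing standing between an object and plaintext storage. Neither statement replaces Block Public Access or default bucket encryption; they complement them.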
Structured data stored in AWS RDS is encrypted at rest using AES-256.
12. Logging and Monitoring
Site uptime, host performance and application performance are monitored by independent third-party services, with operational alerting and response procedures in place. Regular governance meetings and performance reviews ensure that ongoing performance and availability targets are met.
OpusXenta uses Network Intrusion Detection and Cloud Security Posture Management systems. Alerts are centrally monitored and acted upon by responsible teams.
13. Penetration Testing
OpusXenta engages independent, CREST certified entities to conduct application penetration tests annually. Results of these tests are shared with OpusXenta management and available to customers under NDA. Findings are reviewed, prioritised and tracked to resolution. Customers wishing to conduct their own penetration test of a hosted service should obtain permission from OpusXenta.
14. Backup Management
The database operates on the AWS RDS service. Continuous transaction log backups support point-in-time recovery with a Recovery Point Objective (RPO) of 5 minutes. In the event of a catastrophic failure, the Recovery Time Objective (RTO) varies with the size of the customer database being restored.
Complete logical backups of the database are stored in S3 daily; S3 is designed for 99.999999999% (eleven nines) object durability.
15. Data Retention
Data is retained within the system for the life of the contract. At contract termination, data is returned to the customer and permanently destroyed according to standard operating procedures. Data will be made available in standard, documented formats.
Database backups are retained for 12 months and deleted by automated lifecycle policies.
16. Business Continuity
The concepts of business continuity and disaster recovery are integrated into our design and architecture of highly available systems in the public cloud. Failure is routinely expected, planned for, tested and managed with automated systems and redundancy.
Resilience and scalability are addressed on AWS through:
- Running multiple EC2 instances in multiple Availability Zones (distinct locations that are engineered to be insulated from each other)
- Elastic Load Balancing across multiple Availability Zones
- Using the AWS-managed Relational Database Service (RDS) for highly available databases
- Using Amazon S3 simple, durable, massively scalable data storage
17. Incident Management
OpusXenta has documented Incident Response, Business Continuity and Disaster Recovery plans that are tested at least annually.
In the event of an incident, customers are notified in accordance with our Incident Response plan; the notification timing is set out in the plan and depends on the severity and urgency of the incident. The nominated role at OpusXenta continues to communicate with the customer on the specified schedule until the issue is resolved. In all cases OpusXenta informs the customer as soon as is practical.
18. Third Party Supplier Management
OpusXenta relies on sub-service organisations, such as AWS, to run its business efficiently. We evaluate and qualify our vendors with a risk-based approach and documented standards which include security, technical and financial assessments. OpusXenta ensures our security posture is maintained through legal agreements and regular security compliance review of these arrangements.
19. Contacts
OpusXenta is continually striving to keep our systems secure. If you become aware of any security issue or have any further queries regarding this document, please contact the security team directly at support@opusxenta.com.