Cloud Integration Security
So far in this SnapLogic Integration Cloud deep-dive architecture series we’ve covered:
- JSON and REST
- Snaplex: The Data Plane
- Designer, Manager, Dashboard: The Control Plane
- Snaps: Connecting the Clouds
SnapLogic Integration Cloud Security
The most important thing to understand is that your business data is not stored anywhere along the way in the SnapLogic Integration Cloud infrastructure. Data is streamed between applications, databases, files, social networks and big data sources via the Snaplex, a self-upgrading, elastically scalable execution network. Customer integration metadata and log files are stored on Amazon Web Services infrastructure (MongoDB, system files on S3, log files). Being 100% Amazon Web Services (AWS) based, SnapLogic inherently leverages the security and compliance capabilities offered by AWS.
Runtime Data Security
The SnapLogic Integration Cloud is a stateless engine. Any data read from, for example, Teradata and loaded into Amazon Redshift is not stored anywhere along the way in the SnapLogic infrastructure. Snaps leverage the endpoint security provided by the application, database, file, etc. For instance, it can read data from a database using a secure JDBC connection, or it can invoke a secure, HTTPS-based REST or SOAP API as part of the integration pipeline.
When integrating cloud services with on-premises applications, databases and files, the HTTPS communication between the SnapLogic Designer, Manager and Dashboard and a Snaplex running behind the firewall is via an SSL encrypted link using port 443, the standard secure port used for secured HTTP traffic.
Platform Security Certifications
The SnapLogic Integration Cloud is protected by the comprehensive security applied by Amazon Web Services with all the certifications that it engenders. However, the SnapLogic Integration Cloud continues to apply its own security precautions layered on top of that. This includes keeping the platform protected with the latest security and resilience patches, as well as engaging third-party security audits. The platform has achieved certification from TRUSTe, adhering to their strict online privacy principles and protecting the privacy of personal information collected through our application.