How does Minerva ensure the security of my data?

Modified on Mon, 17 Feb at 10:28 AM

Minerva Security Features: Summary

 

The security of data is paramount in today's digital landscape, and Minerva is at the forefront of providing exceptional data protection solutions. Leveraging cutting-edge technologies, Minerva offers a comprehensive suite of security features designed to safeguard data against threats and ensure continuity.

 

Data Redundancy and Backup

Minerva employs a robust data redundancy strategy to ensure zero data loss for its jurisdiction clients. The database is stored in three separate data centers within the West US 3 region and is synchronized in real time. This multi-layered backup approach guarantees that data remains intact and accessible, even in the event of a disaster. Moreover, the "Zone-redundant backup storage" option allows for restoration to any point within the last seven days, though the most current version would be used to restore functionality in the case of a primary data center failure.

 

Data Security Infrastructure

All customer data within Minerva's infrastructure is encrypted both in transit and at rest. Utilizing SSL/TLS for encryption in transit and the FIPS 140-2 validated cryptographic module with AES 256-bit cipher for encryption at rest, Minerva ensures that data remains secure at all times. The entire infrastructure, including data storage, is hosted in the Microsoft Azure West US 3 region, located in Arizona, providing a secure and reliable foundation for data management.

 

Authentication and Authorization

Minerva uses the Microsoft Identity Platform to provide enterprise-grade authentication and authorization. This platform supports multi-factor authentication (MFA), ensuring that only authorized users can access sensitive information. Advanced authentication methods, such as OATH tokens, SMS verification, and FIDO2 security keys, are available for an additional fee per user and provide further layers of security.

 

The authorization process in Minerva utilizes a hybrid approach based on Role-Based Access Control (RBAC) and Policy-Based Access Control (PBAC). This model is built on the Microsoft Identity Platform and supports various protocols such as OAuth 2.0 and OpenID Connect. The product employs different OAuth 2.0 flows, including Authorization Code Grant, Client Credentials, and On-Behalf-Of flows, to manage authorization across its various components.

 

Conclusion

Minerva stands out as a leader in IT security, providing a well-rounded and highly secure environment for data protection. From real-time data redundancy and advanced encryption to robust authentication and authorization mechanisms, Minerva ensures that data integrity, confidentiality, and availability are maintained at the highest standards.

 

For further details on Minerva's security features or to discuss how these solutions can benefit your organization, please contact us at 1 (951) 973-0024 or via email at craig@msw-consultants.com.

 

 

 

Enhanced Data Security and Redundancy in Minerva: Detailed Breakdown

 

Minerva, a cloud-based application, ensures the highest levels of data security and redundancy for its jurisdiction clients through its comprehensive, multi-layered approach. Below is an overview of Minerva's robust measures to guarantee data integrity, confidentiality, and availability.

 

Data Redundancy and Backup

Real-Time Data Redundancy:

  • Minerva employs a triple-redundancy database strategy, with data stored in three separate data centers located in Microsoft Azure's West US 3 region (Arizona).
  • These databases are updated in real time to prevent data loss in the event of a system failure.

 

Zone-Redundant Backup Storage:

  • Backup data is stored using Azure’s "Zone-redundant backup storage" to ensure high availability.
  • The system supports point-in-time recovery for up to seven days, with the most recent database version prioritized for rapid restoration.

 

Disaster Recovery Assurance:

  • In the unlikely scenario of a catastrophic event, such as a fire at the primary data center, Minerva’s disaster recovery processes ensure seamless restoration of functionality without any data loss.

 

Data Security Infrastructure

Encryption Standards:

  • Data at Rest: All stored data is encrypted using the FIPS 140-2 validated cryptographic module with AES 256-bit encryption. This includes primary databases, backups, and temporary query files.
  • Data in Transit: Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are enforced by default to encrypt data transmission.

 

Secure Hosting Environment:

  • All components of Minerva’s infrastructure are hosted exclusively in the Microsoft Azure West US 3 region, which adheres to stringent physical and cyber security standards.
  • Data access is further secured by Microsoft Azure’s network-level restrictions, ensuring database connections are only permitted through authorized Azure Virtual Networks.

 

 

Multi-Tenant Database Security:

  • Minerva’s multi-tenant database design leverages row-level security to segregate client data.
  • Files are stored in separate physical containers within the same Azure Storage Account to maintain logical separation.

 

Authentication and Authorization

Microsoft Identity Platform Integration:

  • Minerva utilizes the Microsoft Identity Platform for enterprise-grade authentication and authorization.
  • Multi-factor authentication (MFA) is enabled by default.

 

Role-Based and Policy-Based Access Control (RBAC and PBAC):

  • Minerva’s hybrid RBAC and PBAC models restrict access based on user roles and organizational policies.
  • Supported protocols include OAuth 2.0 and OpenID Connect, employing flows such as Authorization Code Grant, Client Credentials, and On-Behalf-Of for secure authorization management.

 

Network-Level Access Control:

  • Database access is restricted to authorized MSW Consultants personnel via VPN.
  • Storage Account access is private and requires authentication for secure data handling.

 

Data Protection Policies

Data Retention:

  • Active subscriber data is retained for a minimum of six years, ensuring long-term data availability and compliance.

 

Data Export and Mobility:

  • Clients can export data as either Excel or CSV file types.
  • Data transfer during import and export processes is encrypted both in transit and at rest.

 

Data Extraction and Termination:

  • Upon termination of service, Minerva allows clients to export their data prior to account deactivation.
  • No cached data is stored on client devices, ensuring complete removal of sensitive information post-service.

 

 

Operational Transparency and Client Support

SaaS Advantages:

  • Minerva is a SaaS-based application, eliminating the need for client-side installations, updates, or third-party software dependencies, with no limit on the number of client users available.

 

Service Operations and Support:

  • All service operations are managed internally by MSW Consultants, with no third-party or offshore outsourcing.
  • Support is available during standard business hours (9:00 AM - 5:00 PM PST, Monday to Friday), with unlimited training provided through hosted online meetings.

 

Security Breach Notification:

  • In the rare event of a security breach, MSW Consultants will notify all relevant stakeholders promptly via email, accompanied by a detailed issue and resolution report.

 

Compliance and Certification

  • Minerva complies with Azure’s stringent security frameworks, leveraging tools and practices aligned with industry standards, including:
    • NIST 800-53
    • ISO 27000
    • SOC 2 auditing frameworks

 

 

For more information on Minerva’s security protocols or to discuss how these measures can enhance your organization’s data protection strategy, please contact us at 1 (951) 973-0024 or via email at craig@msw-consultants.com.

 
