Administration

This section covers a list of questions pointed to the specific administrative features of the BDB Platform.

Directory Authentication

Does the BDB Platform support different types of directory authentications?

Yes, the BDB Platform Supports different types of directory authentications. Some of them are as listed below:

  • Active Directory

  • SAML

  • 3rd Party Authentication – e.g., Octa, OAuth, CAPPM, LDAP, etc.

Internal (Proprietary) Authentication

Does the BDB Platform support internal Authentication?

Yes, BDB Platform has an in-built (proprietary) Enterprise Authentication.

Metadata Exchange across the Suite

Does the BDB Platform contain a metadata layer that can store details about all settings?

The BDB Platform has an inbuilt metadata layer that stores details about the User information, admin settings, and module (Dashboard Designer, Business Story, DS Lab, Data Pipeline) settings.

Usage Monitoring

Does the BDB Platform capture logs of usage and list the active users?

Yes, the Admin Module has an in-built functionality for capturing logs of usage and it also lists the active users. Yes, the BDB Platform provides integration with 3rd Party monitoring tools like Datadog, etc. Logs can be transferred to a 3rd Party monitoring tool via FluentD.

Re-usable Objects / Components

Does the BDB Platform provide an extensibility feature where the user will be able to create custom components?

All the standard components can be reused across different use cases, BDB Platform provides an extensibility feature where the user will be able to create custom components. BDB Platform provides the following options:

  • BDB Pipeline provides provisions to create a custom component and deploy it.

  • BDB DS Lab enables the user to write the custom script and use it in the Data Science model.

  • BDB Governed Dashboard provides an option to write java scripts to achieve customization.

Import / Export User Access Rights at fine-grain level

Can the BDB Platform be integrated with 3rd Party Authentication?

BDB Platform can be integrated with 3rd Party Authentication like Azure AD, etc. It will automatically import the users' access rights that are configured in it.

Does the BDB Platform support Web services API for administration?

Yes, BDB Platform had built-in web based administration and user management module inside the platform. If required BDB Platform can expose RESTAPI for administration and user access rights and configuration management.

What IDP is used for authenticating the application?

The BDB Platform supports a variety of identity providers (IDPs) for authentication. This includes:

  • Active Directory (AD) or Lightweight Directory Access Protocol (LDAP): The BDB Platform can be integrated with AD or LDAP for authentication, allowing the users to sign in with their existing organizational credentials.

  • SAML 2.0: The BDB Platform can be configured to use SAML-based identity providers.

  • OpenID Connect: The BDB can be integrated with the OpenID Connect-compatible IDPs, such as Google and Amazon Web Services (AWS) Cognito.

What authentication logs (if any) are monitored by the BDB Platform?

The logs are an important feature for monitoring user behavior, ensuring compliance with security policies, and detecting any potential security incidents. The authentication logs monitored by the BDB Platform provide comprehensive and detailed information about user authentication events. These logs not only track successful and failed login attempts, but also capture changes made to user accounts and permissions by providing a complete picture of user activity on the platform.

The logs are easily accessible through the Audit Trail section of the BDB Administrative interface by providing administrators with quick and efficient access to the information they need to maintain the security of the entire platform. The Administrators have the flexibility to monitor activity at a granular level and quickly respond to any security-related incidents with the ability to search, filter, and view loa data.

Also, the logs from the BDB Audit Trail can be pushed to the customer's 3rd party log monitoring software i.e., Datadog, Zabbix, Prometheus, Fluentd, and Grafana.

Can ERM have access to the authentication logs?

Yes, ERM will have access to authentication logs through the BDB Audit Trail feature, which is a powerful tool for tracking and monitoring user activity within the platform. Additionally, the Audit Trail provides an immutable record of user activity, making it an important resource for auditing and compliance purposes.

The BDB Audit Trail feature helps organizations maintain a secure and compliant environment by providing complete visibility into user activity . Also, the logs from BDB's Audit Trail can be pushed to customer's 3rd party log monitoring software for example Datadog, Zabbix, Prometheus, Fluentd, and Grafana.

Can customers choose the geographic location or region where their data and applications are stored and processed when using a public cloud service?

Yes, the BDB Platform offers its customers the flexibility to choose their preferred location for hosting the tenant. This enables customers to select a location that meets their specific security compliance, and performance requirements by ensuring that their data is stored in a secure and reliable environment.

Will Customer have a dedicated hosting or will customer be in a multi-tenant environment sharing compute and disk space with other customers?

The BDB Platform provides with both options based on the customers' requirements.

What security is applied to the APIs?

The API Client Registration is done through the BDB Admin module. This feature provides two options to register APIs: "Internal" or "External". Both options have different levels of security, allowing the users to choose the level of security that best fits their needs.

1) Internal APIs: Internal APIs in BDB are secured using a client ID and client secret key, which are fully managed by the BDB platform. The client ID and secret key serve as the credentials for accessing the API, and they are generated by the BDB Platform and stored securely within the platform.

2) External APIs: External APIs in BDB are secured using an external security layer, such as a Kong, or a dedicated API management tool provided by the customer such as Kong, APIgee, etc. This security layer acts as an additional layer of protection for the API, helping to prevent unauthorized access and protect sensitive data. By using a client ID and secret key, BDB ensures that access to the API is secure and only granted to authorized clients. This helps to prevent unauthorized access to sensitive data and ensures that the API is only used in the intended manner.

PreviousData PlatformNextData Security & Privacy

Last updated