Voyance Security

Voyance is built from the ground up leveraging state-of-art security practices and services

Protecting the security and integrity of our customer data and our production systems is a top priority for Nyansa. All aspects of the patented Voyance service, from the data we inspect, to the metrics we send and analyze within our cloud backend, as well as our security practices and procedures, are designed with enterprise-grade security and reliability requirements in mind.

Highlights

  • No packets or payload ever leave the customer premise
  • Cloud-Sourcing via Anonymization
  • Strong encryption – SSL / 256 bit AES encrypted transport
  • Validated 3rd party security & pen-testing
  • Strict, Secure access controls – two-factor authentication; audit trails
  • Logical isolation: Amazon AWS VPC with state-of-art physical and cyber security

nyansa-security-diagram

Passive & Out-of-Band

By design, the Voyance system is a passive system that cannot interfere with the customer network.

The Voyance system has no control functions within the customer network. All communication is outbound initiated over port-compliant SSL.

Data we collect & analyze

Voyance only collects the performance metrics needed for analysis. While the solution inspects live network data within the customer premise, no packets are ever transported to the cloud. The performance metrics we collect and analyze include:

  • Protocol response times and error codes
  • Jitter and delay metrics
  • Wi-Fi metrics including SNR, channel utilization, client association information
  • Business critical App ID information
  • Client capabilities/metrics – OS version, device vendor, user agent
  • L2 metrics – connection type, src/dest information

Cloud Sourcing via Anonymization

The Voyance cloud-sourcing approach whereby customers can learn about best practices from each other is completely anonymized.

Comparative benchmarking with basic characteristics like industry vertical, network size and average number of clients, does not reveal the identity of the customers used in forming the benchmark.

Security in Detail

Strong SSL Encryption

Communication between the Voyance crawlers and the cloud-hosted backend is exclusively over SSL.

All SSL certificates are uniquely generated per customer accounts and automatically provisioned, thus eliminating potential errors that can occur by manual provisioning or invalid certificates.

Secure Cloud Infrastructure

The Voyance infrastructure is built and maintained in accordance with multiple IT security standards. Voyance leverages Amazon AWS which is ISO 27001 and SOC 1 Type II certified and is rated as a leader in cloud security by research firm Forrester.

Nyansa leverages Amazon AWS VPCs to provides complete control over virtual networking environment including IP address range selection and control, subnets, configuration of routing tables, and network gateways.

Access and administration of backend compute and storage resources are tightly controlled by role-based access, strong multi-factor authentication using certificates and MFA tokens, as well as firewall rules.

Third Party Security Assessment and Pen-Testing

Nyansa employs third-party services to performance daily penetration testing and application vulnerability assessments. These include, but are not limited to, cross-site scripting and SQL injection attacks. Our third party security assessment can be made upon request and under NDA.

Nyansa employs various systems to monitor the availability and security of the Voyance infrastructure 24x7x365. Our operations engineers are available around the clock to respond to incidents.

Security Tools for Administrators

Voyance includes administrative tools to protect access to your organization’s data via our cloud portal. These tools include email verification, account access/authentication logs, role based access and different account privileges. These are no default passwords or shared secrets. Finally, user account passwords are stored using a salted hash.

nyansa-security-logos