CQNet : Architecture Secures UAS Data

Putting your trust in an external organisation to host and manage your data is not a decision that is made lightly. Your expectation is that the supplier will treat your data like it would its own, and ensure it is captured, transferred, and stored securely.

We at Consortiq understand how important your data is to you. That’s why, when we began designing our UAS Safety Management System, CQNet, we had customer’s data security at the forefront of our minds.

During the design phase, we made a conscious decision to set the standard that we adhere to for all our Enterprise clients. It doesn’t matter if you are a team of three capturing aerial media for productions, an organisation of 30+ monitoring critical infrastructure, or a government agency dealing with National Security. Our aim was that CQNet should be the secure enterprise product that caters for all, with no compromise on data security. Designing our system with security in mind wasn’t enough for us at Consortiq. We want to embed this ethos in our organisation from the top down, that’s why we are already Cyber Essentials accredited, and are working towards ISO 27001 accreditation by the end of 2017.

Designing our system with security in mind wasn’t enough for us at Consortiq. We want to embed this ethos in our organisation from the top down, that’s why we are already Cyber Essentials accredited and are working towards ISO 27001 accreditation by the end of 2017.

Application and data hosting.

When we talk about hosting applications and data remotely, we talk about single or multi-tenancy of customers on a particular instance of an application. Where ‘tenants’ refer to the customers and their corresponding data, and an instance is effectively the servers in the cloud that collectively run the application.

Typical Cloud Multi-Tenant Application Environment

Here the tenant’s data is stored in the same table as other tenants, inside the same database, inside the same active instance, which is accessed through a shared application instance, on a shared cloud resource. In a multi-tenant environment, a software as a service company can reduce its costs, to share and reuse more of its resources but this architecture is generally more prone to risk, outages and is complex to manage.

The mediation layer is used to help communicate and route tenants to the correct connection for their data sets : The Presentation layer is used to present data from the business layer: The Metadata layer helps describe and configure data : The Business layer hosts and manages the Application Instance: The Data layer holds and manages the data stored at database level

So how does CQNet differ from others?

Single Tenant Application (CQNet Enterprise)

Here the tenant’s data is stored in their own secure tables, inside their own secure database, inside a secure instance, which is accessed by their own secure App Instance, in a secure localised Data Centre.

This is great for data security and management simplicity but has higher resource utilisation.

Where is CQNet Data stored and who can access it?

As CQNet’s customer-base is worldwide, it would be inefficient to host the data in one geographic location. It could also mean that it might not conform to the auditing requirements of those customers who have highly sensitive data. So how do we manage this? Utilising the IBM Bluemix service supported by our secure data centre infrastructure we are able to store data locally by country, sometimes even by state to meet the specification set by the client. We can also provide an on-premise deployment inside the organisations own infrastructure also if needed. How secure is the Infrastructure that you use? It is one of the most secure platforms on the market, and that is why we selected IBM as partner CQNet is a Bluemix application on a Bluemix Infrastructure (SoftLayer) which is compliant with the most restrictive IBM information technology (IT) security standards, which meet or exceed the industry standards. These standards include the following:
● Network, data encryption, and access control
● Application ACLs, permissions, and penetration testing
● Identification, authentication, and authorization
● Information and data protection
● Service integrity and availability
● Vulnerability and fix management
● Denial of service and systematic attacks detection
● Security incident response
● Two Factor Authentication

So in Summary

CQNet Enterprise provides a secure single tenant application instance, with a secure single tenant database instance that is hosted in a secure running environment in a data centre that is localised to the client. Our data centres that we use meet and exceeds industry standards.

It is down to the end user to decide which partners they work with. Do they select the cheap option, because of a budget but risk exposing the company’s sensitive data or Do they choose the more secure reliable option and risk pushing the budget a little further?

https://consortiq.com/