How Does Bezlio's Security Work?
We use a very innovative way to transfer data from behind your firewall to the cloud and to your mobile users
Bezlio is a reliable, stable SaaS service where security is baked into its core DNA. Utilizing a secure token system, end-to-end AES256-level encryption, and granular level user security and controls, Bezlio provides an easy and secure foundation for mobilizing any sales or mobile workforce. Consider a few highlights:
Highlights
- Keep your firewall intact - no open ports required!
- Absolutely no data is stored in the cloud. All data remains secured behind your firewall inside of your network.
- Security tokens ensure each device is trusted and permitted by administrators.
- The Bezlio listener in your network will only respond to users and queries that it is allowed to answer.
- Only locally logged in administrators can determine who can connect and what data to share.
- Administrators can easily break the data connection by revoking just one of the security tokens on either side of the connection.
- Administrators have the ability and flexibility to subscribe users to multiple threads rather than one, providing very granular security.
- All data transfers are encrypted with AES256 level encryption.
- Bezlio Cloud operates within Microsoft's secure Azure cloud infrastructure.
Let's Get Into Some Details!
The Components
Bezlio consists of three major components:
BRDB (Bezlio Remote Data Broker) is installed securely in your network, behind your firewall. Plugins inside of BRDB communicate directly with your ERP, CRM and other databases. Administrators can control user tokens and data permissions from here.
Bezlio Cloud API stores the user's secure token and reliably routes data traffic and communications between BRDB and Bezlio Portal.
Bezlio Portal is the front-end application which securely authenticates mobile users and displays their applications and dashboards.
The Communication Method
Bezlio uses a security token system that ensures that each user authenticating is trusted. Once your network admin creates the user's security token, Bezlio stores one copy in Microsoft Azure, and stores the other token within your network, behind your firewall within BRDB.
The data transfers between Bezlio Portal, Cloud, and BRDB are encrypted with AES-256 level encryption.
No ports need to be opened in your firewall for communications to run successfully between Bezlio BRDB and Bezlio Cloud and Portal.
Secure Data Communication Process
Bezlio Listens For Requests Inside Your network
The Bezlio BRDB component sits inside of your network, secure behind your firewall, listening for your user's requests.
User Authentication
When your mobile users authenticate and logs into the Bezlio Portal, a request is sent from their mobile device to the cloud, saying, "I am a trusted device and I need the following data...".
Open Communications Channel
Bezlio Cloud verifies that your user has a trusted security token and then opens a secure communications channel to Bezlio BRDB inside of your network.
Do We Trust This User?
Bezlio BRDB will listen to the request and ask again, "Is this a trusted user?" It will determine this by comparing the user's token against the security tokens that you, as the network administrator, have specifically approved.
Is This User Allowed to Have This Information?
Bezlio BRDB will then ask itself, "Am I allowed to answer the query that is being asked?" Unlike traditional OData requests, which will answer and respond to anything, Bezlio BRDB will ONLY respond to queries that you, as network administrator, explicitly permit.
Encrypted Data Provided
If the end user and the specific request are both trusted, only then will Bezlio BRDB fulfill the request. The data is queried and then Bezlio BRDB securely sends the encrypted response back to Bezlio Cloud, which then routes the encrypted data back to the trusted user's mobile device. No data is ever stored in Bezlio Cloud unless specified by administrators.
