Difference between revisions of "Security - Start Here"

From All n One's bxp software Wixi

Jump to: navigation, search
(Created page with "== Overview == Security is an enormous aspect of Business Express (BeX) and an enormous field with many questions and often very detailed answers. This area of our Wixi is ...")
(No difference)

Revision as of 12:18, 12 October 2014

1 Overview

Security is an enormous aspect of bxp software (bxp) and an enormous field with many questions and often very detailed answers. This area of our Wixi is designed to help you navigate to the answers we feel best answer your questions. The areas, lists and answers have been compiled from numerous security surveys, questionnaires and audits we have received since 2005.


The first challenge that we have as an organisation is how much information to release to the public domain whilst still being seing to be helpful / co-operative. To this end if operationally sensitive information is required, it can be released to you under Non-Disclosure Agreement, but is not available in this Wixi or its supporting documents.


2 Contracts

All n One Limited [hereto referred to as All n One] are the company that supply the software as a service solution called bxp software [hereto referred to as bxp].


2.1 Where do we start?

The first part of any interaction with a client is to put in place a Non-Disclosure Agreement (NDA). The company looking to rent the solution [hereto referred to as the bxp Client] can use the All n One NDA or ask All n One to review and discuss an NDA of their own.


The NDA means that both parties can be privy to sensitive operaitonal details in the security that they will not be shared.


2.2 How long do I sign up for?

The contracts begin with a three month commitment followed by a month rolling contract where the bxp Client is required to provide notice only one month in advance. For some clients this period is two short and the rolling notice can be extended to any amount of time upon contractual agreement.


The reason for this is to provide bxp Clients with the security of knowing that they can take their data at any time and walk away without being tied into a length supplier contract.


2.3 Key Stakeholders

For the purposes of terminology there are a number of key stakeholders involved in the contract process at a minimum.


From the bxp Client


  • The primary bxp Client: This is the person who signs the contract and authorises payment
  • The primary bxp System Champion : This is the primary operational contact for the bxp Client
  • The primary bxp Human Resources Champion : This is the primary HR contact for the bxp Client
  • The primary bxp Security Champion : This is the primary security contact for the bxp Client


From All n One


  • The Sales Relationship Manager (SRM) : This is the primary sales person who helps a bxp client get up and running and manages all aspects of the relationship up to the point of sale.
  • The Business Development Account Manager (BDAM) : When the contract is signed the BDAM takes over to ensure deliver of the contract and manage relationship interactions
  • The All n One Support Infrastructure : This is the entire infrastructre of the company and how interactions are managed Security_-_Getting_Help


2.4 What is in the contract?

In summary, the contract outlines the provision of service, the terms and conditions of support, the price and a number of terms and conditions regarding the use of the system. A copy of your contract is available from your System Champion. To view a draft contract please contact your SRM or email us at sales@allnone.ie to obtain a copy.


2.5 Functionality Vs. Content

Within bxp there is a very clear definition between functionality and content. Functionality is a software function that is able to manipulate content. Content is raw data. The users, customer and any other data that is entered into the system will always remain the property of the bxp Client. The functionality to manipulate and interact with that data is the intellectual property of All n One.


The grey area of ownership can be custom JavaScript developed for a client. If the code is in a standard bxp library available to all clients then it remains the property of All n One. If the code is loaded into a form or custom uploaded library within a bxp Client instance then it is considered contact and belongs to the bxp Client.


  • All functionality belongs to All n One
  • All content belongs to the bxp client


3 Standards and Laws

  • All n One Limited is an Irish company with operations residing completely in Ireland and under Irish Law.
  • All n One Limited is registered with the Data Protection Commissioner of Ireland
  • All n One Limited as an Irish company is also subject to European Law
  • The All n One sales operation is delivered globally.
  • The All n One support operation is operated from Ballymount, Dublin exclusively
  • The bxp firewalls, switches and data servers are hosted on All n One dedicated equipment in Sungard in Parkwest, Dublin.
  • The bxp web servers and load balancers are hosted in secured virtualised environment in Sungard in Parkwest, Dublin.
  • With contract provisions, a secondary mirroring site can be provided in Sungard's secondary site in Clonsaugh, Dublin.
  • All client owned content is kept with the Parkwest infrastructure.


For the above reasons and the reasons of physical security, operational support and intellectual property protection, bxp cannot be installed on client equipment or in client premises and can only ever be accessed securely through the Internet.



4 Physical Infrastructure

5 Logical Infrastructure

6 Operational Procedures

Retrieved from ‘https://www.bxpsoftware.com/wixi/index.php?title=Security_-_Start_Here&oldid=1974