PKI Assessment Data Protection Disclosure

PKI Assessment Portal Authentication

The assessment portal is an online service that provides automated technical assessment of Active Directory Certificate Services (ADCS). Each subscribing organization is a wholly self-contained tenant with no shared credentials or data with any other entity. When onboarded, each organization is created using Microsoft Azure B2C for authentication controls. At no time are these credentials or details accessible to PKI Solutions or any other organization.

The organization's designated account owner controls the creation of accounts in the dedicated Azure B2C tenant. Once logged in, clients have the option to allow PKI Solutions to view and manage the organization's collected information for collaboration and help. Clients can also choose to store collected information so that PKI Solutions can use it for problem resolution. If data is stored, it is copied to an encrypted Azure storage account for retention. The default configuration does not allow sharing of data, collector files, reports, or recommendations with PKI Solutions or any other entity.

Data and Settings Collected

ADCS Collector uses PowerShell to call Application Programming Interfaces (APIs) that exist natively on the Windows Servers hosting the certificate authority (CA). Active Directory and ADCS are tightly integrated, so Active Directory is queried for the settings and policies that relate to the PKI. The last source of information is the log files and policy files on each CA.

Data that is collected includes the configuration of the CA and related components. Additional details are retrieved from Active Directory for the discovery and configuration reporting of ADCS-related services. At no time are passwords, account details, private keys or other such details collected or analyzed by the tool.

The collected information is placed in .json files that are human-readable in a text editor like Notepad. They are located by default in the C:AdcsCollectorReports folder. All information may be examined for its content, though you may not redact or remove information, because of the formatting and integrity controls applied to it. If you have any concerns about the data contents, please contact us at support@pkisolutions.com so we can address your concerns.

Secure Data Transfer

The file created by the ADCS Collector is a .jsonx file that provides an archivable, strongly typed format for transfer to the analysis portal. The file upload requires an internet-connected client and a web browser.

All users must authenticate to the Online PKI Assessment Portal using the credentials in their Azure B2C tenant. The internet-connected client makes a secure connection to the Assessment Portal hosted in Azure. The connection is encrypted and authenticated using TLS 1.2, ECDHE_RSA with P-256, and AES 256 GCM, with a publicly trusted certificate issued from Microsoft.

Data at Rest

All data stored and processed by the portal is encrypted at rest. By default, uploaded .jsonx files are stored only long enough to generate the assessment reports and are then deleted. A PDF of the assessment report is created when the data for each specific assessment is first analyzed. It is stored with the assessment for future download.

Organizations have control over their data privacy and sharing settings. Privacy settings found in the web portal dashboard control the handling of uploaded data and completed reports.

PKI Assessment Privacy Settings

When enabled, a copy of the uploaded data is retained in an Azure Storage Account. Data in Azure Storage is encrypted and decrypted transparently using 256-bit AES encryption, one of the strongest block ciphers available, and is FIPS 140-2 compliant. If the privacy settings are disabled, all uploaded data is stored in encrypted blobs only until it is analyzed and is then removed. Report PDFs are retained and stored encrypted in Azure Storage. The dashboard allows clients to delete individual assessments, which removes all data regarding that assessment, including the PDF created.

Database Encryption

Organization information and assessment data are stored in an Azure SQL Server Database. All connections to the database are encrypted using Transport Layer Security (TLS) and are allowed only from the front-end Assessment Portal. Data in the database is protected with Transparent Data Encryption (TDE) for Azure SQL Database, which adds a layer of security to protect data at rest from unauthorized or offline access to raw files or backups. TDE encrypts the entire database using an AES encryption algorithm.

Accounts and organization information can be removed upon request. When the organization is removed, all uploaded data and reports are removed. This task can be completed only by two designated individuals at PKI Solutions and is not reversible.

More information on Azure Active Directory B2C: https://docs.microsoft.com/en-us/azure/active-directory-b2c/overview

More information on Azure Storage Accounts: https://docs.microsoft.com/en-us/azure/storage/common/storage-account-overview