How Does Bezlio's Security Work?

Bezlio is a reliable, stable SaaS service with security baked into its core DNA. Using a secure token system, end-to-end AES256 encryption, and granular user security and controls, Bezlio provides an easy and secure foundation for mobilizing any sales or mobile workforce. Consider a few highlights:

Highlights

  • Keep your firewall intact - no open ports required!
  • Absolutely no data is stored in the cloud.  All data remains secured behind your firewall inside of your network.
  • Security tokens ensure each device is trusted and permitted by administrators.
  • The Bezlio listener in your network will only respond to users and queries that it is allowed to answer.
  • Only locally logged in administrators can determine who can connect and what data to share.
  • Administrators can easily break the data connection by revoking just one of the security tokens on either side of the connection.
  • Administrators have the ability and flexibility to subscribe users to multiple threads rather than one, providing very granular security.
  • All data transfers are encrypted with AES256 level encryption.
  • Bezlio Cloud operates within Microsoft's secure Azure cloud infrastructure.

Let's Get Into Some Details!

The Components

Bezlio consists of three major components:  

BRDB (Bezlio Remote Data Broker) is installed securely in your network, behind your firewall.  Plugins inside of BRDB communicate directly with your ERP, CRM and other databases.  Administrators can control user tokens and data permissions from here.

 

Bezlio Cloud API stores the user's secure token and reliably routes data traffic and communications between BRDB and Bezlio Portal.

 

Bezlio Portal is the front-end application which securely authenticates users and displays their applications and dashboards.

 

The Communication Method

Bezlio uses a security token system that ensures that each user authenticating is trusted.  Once your network admin creates the user's security token, Bezlio stores one copy in Microsoft Azure, and stores the other token within your network, behind your firewall within BRDB.

The data transfers between Bezlio Portal, Cloud, and BRDB are encrypted with AES256 level encryption.

No ports need to be opened in your firewall for communications to run successfully between Bezlio BRDB and Bezlio Cloud and Portal.

 
Diagram of the communications methods that Bezlio uses, from BRDB, through your firewall, out to Bezlio Cloud which runs on Microsoft Azure

Secure Data Communication Process

 

Bezlio Listens For Requests Inside Your Network

The Bezlio BRDB component sits inside of your network, secure behind your firewall, listening for your users' requests.

 

User Authentication

When your users authenticate and log into the Bezlio Portal, a request is sent from their device to the cloud, saying, "I am a trusted device and I need the following data...".


Open Communications Channel

Bezlio Cloud verifies that your user has a trusted security token and then opens a secure communications channel to Bezlio BRDB inside of your network.

 

Do We Trust This User?

Bezlio BRDB will listen to the request and ask again, "Is this a trusted user?" It will determine this by comparing the user's token against the security tokens that you, as the network administrator, have specifically approved.

 

Is This User Allowed to Have This Information?

Bezlio BRDB will then ask itself, "Am I allowed to answer the query that is being asked?"  Unlike traditional OData requests, which will answer and respond to anything, Bezlio BRDB will ONLY respond to queries that you, as network administrator, explicitly permit.

 

Encrypted Data Provided

If the end user and the specific request are both trusted, only then will Bezlio BRDB fulfill the request.  The data is queried and then Bezlio BRDB securely sends the encrypted response back to Bezlio Cloud, which then routes the encrypted data back to the trusted user's device.  No data is ever stored in Bezlio Cloud unless specified by administrators.
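
The two broker-side checks described above (is this token approved, then is this query permitted for it) can be modelled as a deny-by-default gate. This is an added Python example, not Bezlio's code: the Broker class, the token strings and the query names are hypothetical, and storing only SHA-256 digests of tokens is an assumption made here.

```python
import hashlib
import hmac


class Broker:
    """Hypothetical in-network broker: deny unless token AND query are approved."""

    def __init__(self):
        # token digest -> frozenset of query names that token may run
        self._grants = {}

    @staticmethod
    def _digest(token):
        # Assumption: only a digest of each approved token is kept at rest.
        return hashlib.sha256(token.encode()).digest()

    def approve(self, token, queries):
        """Administrator approves a token and subscribes it to named queries."""
        self._grants[self._digest(token)] = frozenset(queries)

    def revoke(self, token):
        """Revoking the broker-side token alone breaks the connection."""
        self._grants.pop(self._digest(token), None)

    def _lookup(self, token):
        presented = self._digest(token)
        match = None
        # Compare against every stored digest in constant time per comparison.
        for stored, queries in self._grants.items():
            if hmac.compare_digest(stored, presented):
                match = queries
        return match

    def handle(self, token, query, run):
        """Call run(query) against the data source only after both checks pass."""
        allowed = self._lookup(token)
        if allowed is None:
            return ("denied", "untrusted token")
        if query not in allowed:
            return ("denied", "query not permitted")
        return ("ok", run(query))


if __name__ == "__main__":
    broker = Broker()
    broker.approve("token-sales-01", {"open_orders"})  # constructed sample values
    fetch = lambda q: ["row for " + q]                  # stand-in for the ERP plugin
    for tok, q in [("token-sales-01", "open_orders"),
                   ("token-sales-01", "payroll"),
                   ("token-unknown", "open_orders")]:
        print(tok, q, broker.handle(tok, q, fetch))
```

The data-source callback is never invoked for a denied request, so an unapproved token or an unlisted query cannot reach the database at all.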