OnePlan

What is OneConnect & How Does it Work?

Updated

OneConnect is the integration platform built by OnePlan.  OneConnect connects data between multiple separate systems to bring data together for central visibility and business intelligence.

Functionality

OneConnect is a cloud-based platform.  It allows for connecting a variety of systems together to reduce the need to manually enter data in multiple systems.  We have many pre-built integration solutions to resolve common issues when using a variety of applications.  Since the platform is flexible, additional customer-specific use cases can be developed using the core platform capabilities.  OneConnect has an admin site to add and manage the integrations.  This allows for the setup and management of integrations without the need to update code.  Updates are made through the admin site user interface.  Based on business needs, data can move either directions (or both) between systems.  Data syncing can be time-based on schedules, on demand (button click), or real time triggered by events.  

Technology / Security

One Connect is hosted in Azure as a muti-tenant SAAS service.  It can connect to both cloud and on premise applications.  OneConnect uses your Office 365 authentication.  We do not store customer data in One Connect (project names, user info, etc).  We only store Unique Item IDs (like 1234-3456-5678-6788) and timestamps of when the item was sent, for performance reasons.  All data is encrypted on transit via SSL using Digicert certificates.  All usernames and passwords (service credentials for accessing integrated systems) are encrypted using Azure Key Vault.  API keys / token based methods are used instead of user names and passwords where supported.  

Azure internet relays can be used to connect securely to on premise applications without the need for opening ports on firewalls.   For more information on relays use the following link: https://wicresoft.screenstepslive.com/s/oneconnect/m/oneconnect/l/848451-what-is-a-relay 

Azure has a variety of certifications and is very secure.  You can access more info here: https://www.microsoft.com/en-us/trustcenter/security/azure-security

For SOC reports use the following link.  

https://www.microsoft.com/en-us/trustcenter/compliance/soc

We utilize Pentest-Tools.com for network penetration testing our applications to verify there are no unknown risks.  We also utilize the Security Code Scan extension for Visual Studio to scan our source code for code level vulnerabilities.  We follow OWASP standards.  As changes are made to our application and / or network settings, we re-scan to verify no issues have been created.  If a issue has been created we will resolve it before pushing it to production.  If a issue is found in production, we will resolve it immediately.  

The below attached files contain more information.  The first is a filled out CAIQ security document with answers to common security questions.  The second is an application architecture diagram.

Previous Article OnePlan Named Account & Licensing Requirements
Next Article Integration Multi-Factor Authentication Considerations