Rather than retrofitting older technologies, Boomi AtomSphere developed a single-instance, multi-tenant platform to optimize the new integration paradigms used in SaaS, PaaS, and cloud computing environments.
For companies seeking ease of use and accelerated time to value in addressing application integration, Boomi AtomSphere leads the iPaaS vendor landscape—regardless of company size, industry or geography.
The Dell Boomi AtomSphere platform was designed and implemented from the ground up to be an elastic, multi-tenant, hosted platform. It is not a retro-fit of a traditional software solution where multi-tenancy is achieved via multiple installation instances. Dell Boomi has a proven, tenant-isolation implementation that achieves isolation at a process, data and management level by:
- Assigning a unique identifier to each account and tagging all objects associated with the account with this ID
- Using roles and permissions to control access to account objects and management functions
- Encapsulating all integration workflow, transformation rules, business logic validations and connector operations as metadata bound to a specific customer account
- Deploying workflow configuration metadata to an Atom, which acts on it to perform the execution of an integration process
The AtomSphere platform undergoes regular load testing scenarios that assume customer usage 10x higher than current demand. With this approach, Boomi ensures customers can continue to expand integration requirements and rely on Boomi to deliver the infrastructure to power them. Visit trust.boomi.com to see the current scale and performance of the Boomi platform.
AtomSphere can simultaneously handle the smallest integration requirements with the demands of very complex integrations. For the most demanding integration requirements and those that affect business-critical processes, AtomSphere offers functionality that improves testing, deployment and scalability:
- Environments – AtomSphere offers separate, dedicated environments for advanced testing.
- Molecules – An enterprise-grade version of Boomi’s patented Atom technology can be deployed across multiple physical servers to enhance load balancing and deliver high-availability for mission-critical integration processes.
- Scalability – AtomSphere’s innovative and mature single-instance, multi-tenant platform meets the scalability and performance requirements demanded by mission-critical integration processes.
- Parallel Processing – AtomSphere allows processes and parts of processes to execute in parallel to help speed up "slow" or "complex" integration flows.
- Message Queuing – AtomSphere includes native message queuing as part of the core platform, eliminating the need for a standalone message queuing solution.
- Advanced Workflow – AtomSphere supports complex process orchestration, lowering development times and improving team efficiency for larger integration projects.
- Advanced User Security – AtomSphere includes the ability to assign access to Boomi resources based on user and account-group profiles.
Boomi provides redundancy at every layer of the platform to enable fast recovery in the event of hardware failure. Data is also securely backed up offsite.
At trust.boomi.com, Boomi provides live and historical system performance data and notifications of planned maintenance.
For any SaaS or cloud computing application, security requires careful scrutiny. At Boomi, we are keenly aware that our platform manages the integration of business-critical information and processes. To meet global security requirements, Boomi AtomSphere provides a multi-layered security model built on patented technology.
Boomi addresses security at three layers: network and facilities infrastructure, application and platform, and data. This three-tiered approach means that your data is never exposed to unauthorized parties, remains safe in transit between applications and continues to be accessible whenever and wherever you want.
Boomi does not store data at any point during the integration process unless specifically configured to do so.
Network and Facilities Infrastructure Security
The Boomi infrastructure has received a number of global security certifications and compliance verifications. Certifications include ISO 27001:2005, Level 1 Payment Card Industry (PCI) Service Provider, SSAE16 Type II SOC1, SOC2 (Security and Availability Only), and SOC3, Safe Harbor, and CDSA Content Protection and Security. The configuration of the data center includes best-of-breed security (routers, firewalls, IDS and DDoS protection), redundant IP connections to world-class carriers terminated on our carrier grade network, redundant UPS power, diesel generator backup and HVAC facilities, and multipoint monitoring of key metrics alerts for mission critical and ongoing maintenance issues.
Application and Platform Security
The Boomi Atom resides on your network, in our data center on premises or in the cloud, hosted by Dell Boom or a third party. During deployment, the data center verifies and authenticates the Atom and all of its contents before activation. An Atom never sends data to the AtomSphere platform data center unless explicitly configured by the user. The Atom communicates information to the Boomi AtomSphere in two modes, automatic and user initiated.
The Boomi Atom automatically transmits the following information to the AtomSphere data center:
- Online Status – The AtomSphere service knows in near real-time if the Atom goes offline.
- Tracking Information – The Atom communicates file name and directory of the files processed as well as success/failure counts and process executions.
- Integration Process Updates – The Atom periodically checks for and applies updates to integration process configurations made by the AtomSphere user.
- Atom Updates – The Atom periodically checks for and applies updates to the Atom code.
If requested by an authorized AtomSphere user, the Atom communicates the following to the AtomSphere data center:
- Logging Information – information about the execution of an integration process, including total execution time, logging for each step of the process and execution-failure error messages
- Error Details – a detailed error message explaining what error caused the failed execution of an integration process
- Connector Browsing – when building processes for specific connectors, database schema information can be transmitted to define field mapping rules. No actual data is transmitted.
On-Premises Data Communication Security
No inbound firewall ports need to be open for the Atom to communicate with the data center. The Atom always initiates the connection; the data center never pushes data to the Atom. When the Atom initiates a connection, it uses an SSL handshake to authenticate the data center before transmitting data. The Atom uses the digital certificate automatically created during AtomSphere registration (see Password Encryption Security below).
Data Communication Security Standards
All communication from an Atom to the data center uses SSL 256-bit encryption and occurs via HTTPS, port 443.
Password Encryption Security
The diagram below illustrates the password security method that applies when a user registers for Boomi AtomSphere and how passwords are encrypted.
- During Registration – When a user registers and activates an account, Boomi generates a private/public x509 key. We store the public certificate and the private key in our secure data center.
- During Build – When creating a connector, Boomi prompts users to enter their password. The password is encrypted and stored for the account. Only the account holder can decrypt the password that unlocks the private key matching the public key used to encrypt the password.
- Deployment – When you deploy an Atom, the entire encrypted string is deployed to that Atom and the credentials of your account supplied during Atom deployment will unlock the communication password at runtime.
Certain AtomSphere application connectors use certificates to guarantee security when transmitting data. Connectors such as FTPS, SFTP, HTTPS, AS2 and many others require certificates to encrypt data and channels, and to verify the digital signature of the person sending data. The certificate component can use a key obtained from a certificate authority such as Verisign or Thawte, or make use of a key generated by Boomi. Keys generated by Boomi are just as secure as purchased certificates.
AtomSphere does not retrieve, access or store your application data at any point during the integration process. AtomSphere supports data mapping rules that enable interoperability and facilitate your integration processes. You configure and maintain the data flow. AtomSphere supports data mapping development, deployment and data management.
Application data processed through an on-premises Atom never flows through the AtomSphere data center. The data resides behind the customer’s firewall on the server that contains the Atom. Data travels directly to the SaaS or on-premises application through a connector configured to the security requirements of the customer.
Atoms deployed in our data center have all the security that our data center infrastructure provides—the highest level of SaaS security available.