Data Governance
TIBCO Control Plane is used as the signup, onboarding, authentication, administration, and management console. TIBCO Control Plane collects and stores data. In addition, some usage information manually shared by customers is also stored. This document describes what data is collected and the methods of data collection, storage, and transmission.
This information is for Security Officers, Compliance Officers, Information Auditors, Network Infrastructure, Operations administrators, and line-of-business owners.
How Does TIBCO Control Plane Collect, Store, and Transmit Data?
Control Plane collects data from the managed instances and agents. These instances are deployed in the customer’s premises. The data is transmitted from Control Plane Monitoring agent (deployed in the customer’s environment (e.g on-premises)) securely over an SSL channel encrypted using the TLS 1.2 protocol to the cloud.
Data is stored in a time-series database with multi-tenant data isolation at the database layer in the AWS Cloud in either of the US West (Oregon) or EU East (Ireland) regions depending on what the customer chose during the onboarding process. EU East is the master and US West is the replica.
Passwords, SNMP community strings, SSL certificates, and Control Plane configuration backups are encrypted using a unique per-tenant AES 256 key. These are stored securely in the database.
In addition, customers may share manually collected usage data such as described at TIBCO License Information.
Data Categories
For data handling practices, the data is classified into:
-
Customer Content: Any data uploaded to a customer’s account for storage or data in the customer’s computing environment to which TIBCO is provided access to perform certain services.
-
Logs: Include records of services, including, but not limited to:
-
Data and information on usage, support, and security
-
Technical information about applications and systems
-
-
Usage Information:
- Usage data such as described at TIBCO License Information, for example the number of application instances or connectors used of software listed
Customer Content
TIBCO Control Plane collects information from various sources using agents like:
-
Monitoring agent collects resource metrics data
Control Plane also collects information about administrator’s session and activity details in addition to the information mentioned in logs.
Personal Data Elements
TIBCO Control Plane collects the following personal data elements:
-
usernames of customer users; and
-
IP addresses, which may potentially be personal data where a user logs in from a personal ISP.
TIBCO Control Plane collects these personal data elements for the purpose of authentication and authorization. The legal basis for this collection is Cloud Software Group’s legitimate interest in ensuring product security.
Logs
Logs are used to facilitate the provisioning of software, analytics, and other purposes consistent with TIBCO User Agreement.
Metadata and telemetry logs collected include:
-
Monitoring agent logs
-
Agent geographical location
-
Licensing info (subscription)
Usage Information
Usage data manually shared by customers includes information described at TIBCO License Information, for example the number of application instances or connectors used of software listed.
This information is stored and used for legitimate interests, which may include but are not limited to: product license compliance, product improvement, and development of new products and product features.