Our Dell Boomi Atom has been carefully architected with your security in mind. Because the Atom can reside on your network or can be hosted in our data center, Dell Boomi provides extensive security measures, both internally and in our data center, in order to prevent any compromise in your data or the Atom.
During installation, no third-party software is installed with the Atom except in the case noted. All installations and downloads are verified and authenticated by the Dell Boomi data center before deployment.
After the Atom is deployed behind the firewall, the Atom is in continuous contact with the data center for "tracking" and "status" information. You do not need to open any inbound firewall ports in order for the Atom to communicate with the data center because all communication is initiated by the Atom to the data center. Because the Atom always initiates the connection, there is never "pushing" of data from the data center to the Atom. When the Atom initiates the connection to the data center, it always authenticates the data center before sending data using an SSL handshake and uses the digital certificate that is automatically created during Dell Boomi registration (see Password Encryption Security).
The communication security protocol:
All communication from the Atom to the data center uses TLS encryption. We support TLS version 1.1 and TLS version 1.2. SSL version 3.0 has been disabled due to the Poodle vulnerability.
Note: On March 28, 2018, Dell Boomi disabled support for TLS v1.0 on the Dell Boomi EU and ANZ Atom Clouds and all Dell Boomi Hub Clouds. On May 23, 2018, Dell Boomi additionally disabled support for TLS v1.0 on the Dell Boomi AtomSphere platform and the Dell Boomi US Atom Cloud.
All outbound communication from the Atom to the data center is HTTPS, port 443.
The Atom uses a standard SSL handshake to authenticate with
The Atom communicates information to Dell Boomi Integration in two modes: ongoing or automatic communications and user-initiated communications. As stated previously, production data is never sent to the data center unless explicitly configured by the Boomi Integration user, for example if the Atom is to be hosted versus downloaded. The Atom does not transport any information to the data center without explicit request by the user.
The following information is transmitted to the data center automatically by the Atom:
Online Status — The Atom communicates on an ongoing basis with the data center to indicate its status. This ensures uptime of any deployed Atom, and the Boomi Integration service knows in a short time frame if the Atom goes offline for any reason.
Tracking Information — File name, directory, etc. of the files processed (if applicable) as well as success/failure counts, process executions, etc.
Integration Process Updates — The Atom periodically checks for and applies any updates to the configuration of the integration processes that have been made by the user.
Atom Updates — The Atom periodically checks for and applies any updates to the Atom code itself.
The following information is transmitted by the Atom to the data center upon request by a user:
Logging Information — Information about the execution of a specific integration process. The total execution time, along with logging for each shape in the process, and error messages that pertain to an execution failure if one occurred.
Error Details — A detailed error message explaining what the error was that caused a specific execution of an integration process to fail.
Connector browsing (for specific connectors) — For example, when building processes, database schema information can be transmitted in order to define the field mapping rules. No actual data is transmitted however, just the schema information.