SonicWall Cloud Secure Edge (CSE) Apps - Data Privacy and Security Considerations

  • Updated on May 31, 2024

This article details common data privacy and security considerations related to deploying the apps across your workforce’s devices.

Please visit our Support site for similar information for your end users.

Product Philosophy

The desktop and mobile apps are designed to enable your organization to adopt a zero-trust security posture, where corporate applications should only be accessed by Registered Devices regardless of their network location. The apps complement the capabilities of Device Managers (MDMs) and Endpoint Detection and Response Tools (EDRs) that Enterprises have already deployed across their device fleets.

The apps are built following these core product philosophies that emphasize data privacy and security:

  1. Device Identity - The apps provide a simple yet secure way for end users to register a device and for admins to identify a device.

  2. Read Only - The apps report on device status but do not change any device settings proactively; this is very different from MDM and EDR clients that will automatically change settings, install files and block user actions.

  3. User Visible - The apps run as a regular application with a user interface. We do this because a visible application communicates user trust and control, and it also gives us a way to display TrustScores and provide remediation instructions.

  4. Low Overhead - The apps do not continuously monitor or silently analyze behaviour on the device, and so they have virtually no impact on device performance.

  5. Report When Needed - The apps only collect essential device information from the device and report at relatively low frequency. This privacy-oriented philosophy is particularly important because the apps need to also cater to devices that are owned by employees and not issued by an enterprise.


Data accessed and collected by the apps

The apps do not have access to your end users’ device data and do not change any settings proactively. They only check device settings and security features as configured for your organization.

For Device TrustScores, Cloud Secure Edge (CSE) analyzes raw information about a device (such as its features and settings) and converts it into TrustScore Factors that can be processed by machine-learning algorithms.

TrustScore Factors typically involve security measures (such as firewall, disk encryption, screen lock, etc.), preferred applications (such as corporate-managed or productivity-related applications), and general performance (minimum allowed OS version).

Reporting and storage of device feature data

The apps scan and report device data every 60 minutes or when manually triggered by the end user.

The device feature data is stored in the Command Center Trust Scoring Engine, encrypted at rest, and conforms to the highest security standards for protecting sensitive data. This data is used for the lifetime of the customer.

Location data

The apps do not access or store location data of the devices.

Web traffic and network activity

The apps do not intercept or monitor network activity to/from the device.

Standard, OS-specific messages are shown to end users when installing any root certificates to their device. In this case, CSE leverages the root certificate to validate downstream intermediate and client certificates.


Securely Storing End User Credentials

ReportingToken

The apps use a special JWT token called the ReportingToken to make requests to the Command Center APIs (submitting device features, logging in, getting a list of services, etc.). The ReportingToken contains user and device claims that are not intended to be secret (such as device serial number and user email), and has specific issuance and renewal logic. The ReportingToken is stored on disk and encrypted to prevent token-harvesting threats posed by disk scanners. The password for encrypting and decrypting the ReportingToken is stored securely in the apps so it can be used to make API requests.

LoginToken and LoginCert

The desktop app uses a standard JWT token called the LoginToken to manage certificate issuance. The LoginToken is used to generate a certificate signing request (CSR) to obtain a LoginCert and SSHCert. The LoginToken is stored on the filesystem and protected the same way as the ReportingToken.

The LoginCert (aka TrustCert) is used by banyanproxy to access services. It is stored on the filesystem in two files: login-cert.pem (the certificate) and login-key.pem (the corresponding private key). Because banyanproxy must be able to read both LoginCert files, they are stored unencrypted on the device file system. The LoginCert is a short-lived certificate and automatically expires after 24 hours.

The SSHCert is used by SSH clients to access SSH servers. It is managed in the same way as the LoginCert.

The LoginToken, LoginCert and SSHCert are stored in the user-data directory of the Banyan Apps.
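
Because the LoginCert private key is stored unencrypted, file ownership and permissions are what protect it on disk. The following added example (not SonicWall's code) audits a POSIX user-data directory supplied by the caller, since this article does not give its path; the function name is hypothetical, and file age is used as a proxy for the 24-hour lifetime rather than parsing the certificate.

```python
import os
import stat
import time

# File names are taken from the article; the directory must be supplied by the
# caller because the article does not state the user-data path.
CERT_FILES = ("login-cert.pem", "login-key.pem")
MAX_AGE_SECONDS = 24 * 60 * 60  # LoginCert lifetime stated in the article


def audit_login_cert_dir(user_data_dir, now=None):
    """Return (file, finding) tuples for a POSIX user-data directory."""
    now = time.time() if now is None else now
    findings = []

    dir_mode = stat.S_IMODE(os.stat(user_data_dir).st_mode)
    if dir_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append((".", "directory is group/world-writable"))

    for name in CERT_FILES:
        path = os.path.join(user_data_dir, name)
        try:
            st = os.lstat(path)  # lstat: inspect the entry itself, not a symlink target
        except FileNotFoundError:
            findings.append((name, "missing"))
            continue
        if not stat.S_ISREG(st.st_mode):
            findings.append((name, "not a regular file"))
            continue
        if st.st_uid != os.getuid():
            findings.append((name, "not owned by the current user"))
        mode = stat.S_IMODE(st.st_mode)
        # The private key is unencrypted, so any group/other access exposes it.
        if name.endswith("-key.pem") and mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((name, f"key accessible beyond owner (mode {mode:04o})"))
        # The certificate is public, but no other account should be able to replace it.
        elif mode & (stat.S_IWGRP | stat.S_IWOTH):
            findings.append((name, "group/world-writable"))
        # Heuristic: a file untouched for more than 24h holds an expired credential.
        if now - st.st_mtime > MAX_AGE_SECONDS:
            findings.append((name, "older than 24h; certificate has likely expired"))
    return findings
```

An empty list means the directory passed every check; run it under the account that owns the app's user-data directory.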


Certifications

SonicWall Cloud Secure Edge (CSE) is SOC 2 Type I and Type II compliant.