To improve the security of our TOPdesk SaaS network we will start using a Security Information and Event Management (SIEM) system. This system is designed to process all server logs and system security events to detect potential threats.
The SIEM system will first be introduced in our Canadian (CA1) hosting location. Once all tests have been completed successfully, we will continue rolling out this solution to other hosting locations.
We already have a partnership in place with Fox-IT to monitor traffic to TOPdesk SaaS environments for the Intrusion Detection System (IDS) in the NL3 hosting location. Fox-IT will also monitor the alerts from the SIEM system, and contacts the TOPdesk SaaS hosting team when a potential threat is detected. In case of a security incident, TOPdesk Support will inform affected customers within 24 hours of detection.
By monitoring the server logs and security alerts the SIEM can operate effectively without direct access to customer data. This means implementing the SIEM does not grant Fox-IT additional access to your data.
A network diagram highlighting the changes can be found here; https://page.topdesk.com/hubfs/TOPdesk%20SaaS%20Network%20and%20DMZ%202020-12.png
For more information about our security measures, see https://page.topdesk.com/saas-information#security
Note that during implementation the SIEM and our current IDS (on NL3) will operate simultaneously. Only once the SIEM has been deployed in the NL3 hosting location we might remove the IDS, as it serves the same purpose.