Hi. I didn't know the answers to these, so I passed your questions to my colleagues and got these responses:
- SSO integration with google workspace (No)
- Data encryption at rest and in transit (Yes, if he is referring to the IBM SPSS Subscription version's license server data, but not the data used on local machine)
- 2FA (Yes, if he's referring to IBM SPSS Subscription version and is using an IBMID)
- Role based access scheme (No. Either you have access or you don't.)
- Log integration with SIEM (No)
- Password policies (length, combination, account lockout, etc) (Yes, if he's referring to IBM SPSS Subscription using an IBMID)
- Session timeout (No; IBMID login has a session but if he is already logged in, then the local application does not have session)
- Segregation of duties workflow (Yes, if he's referring to the IBM SPSS Subscription license service; the on-prem application does not have it)
- Malicious account monitoring (Yes, if he's referring to IBM SPSS Subscription using an IBMID; again, the on-prem version does not have it)
- Virus file scanning (Yes, we do code scan, app scan, open source scan )
- Data masking (No) (One can obfuscate .SAV files on disk via encryption, but there is no substitution of in-memory data, a la traditional masking techniques.)
------------------------------
Rick Marcantonio
Quality Assurance
IBM
------------------------------
Original Message:
Sent: Mon November 29, 2021 07:43 PM
From: Bagus Bronto Sie
Subject: SPSS Statistics security related
Hi,
Does SPSS statistics support :
SSO integration with google workspace (yes/no)
- Data encryption at rest and in transit (yes/no)
- 2FA (yes/no)
- Role based access scheme (yes/no)
- Log integration with SIEM (yes/no)
- Password policies (length, combination, account lockout, etc) (yes/no)
- Session timeout (yes/no)
- Segregation of duties workflow (yes/no)
- Malicious account monitoring (yes/no)
- Virus file scanning (yes/no)
- Data masking
------------------------------
Bagus Bronto Sie
------------------------------
#SPSSStatistics