No Compromise: Boomi Delivers Flexibility and Enterprise-Grade Security

10 minute read | 16 Jul 2019

By Boomi

A few weeks ago, my colleague Josh Tabak wrote about how Boomi helps our customers scale their businesses to easily handle complex application integrations and data transformations.

In this post, I’m writing about three more ways that Boomi helps customers accelerate better business outcomes. Much of this relies on flexibility: Boomi gives customers the ability to choose their preferred approach to any given IT project.

When organizations have full freedom in how they build and manage IT services, they can ensure those services deliver speed, agility and efficiency to the business.

Let’s dive in.

API Support That Doesn’t Box in Developers

Without question, application programming interfaces (APIs) are critically important to modern IT. Businesses are opening APIs to customers and partners, creating new types of products and services that are more responsive and efficient.

Many organizations are looking for a platform that provides API lifecycle management, making it easy to configure, publish and provide access to data and services.

The Boomi platform includes a rich set of API lifecycle management features that just keeps getting better and better. (If you attended Boomi World last year, you saw a preview of some of the API features we’ve made available to customers over the past few months.)

But offering developers a choice of programming techniques is also important because while APIs are useful and flexible, they can come with unexpected costs — especially if they’re being built and maintained by hand.

For example, we know a company that had decided to convert all its legacy integrations to APIs without the benefit of a low-code integration and API management platform. The IT organization had forecasted a couple hundred thousand dollars for this effort. But the project wound up consuming multiple millions of dollars per year due to all the hand-coding required to manage API connections.

Maintaining its API environment in this manner consumed valuable budget dollars and starved the IT organization of resources needed for new strategic initiatives.

If you want to publish a service as an API, look for an API lifecycle management platform to make development and maintenance quick and efficient. But there are many times when connector-based integration will do the job better and save time, money and effort.

With Boomi, you get the best of both worlds: you have the flexibility to use traditional connector-based integrations as well as APIs.

If you want to publish APIs to make data available to other applications, departments, partners or customers, the Boomi platform lets you do that very easily. Plus, our API lifecycle management tools minimize the amount of hand-coding that’s needed so that you can manage APIs more quickly and easily than ever before.

At the same time, we don’t require you to convert everything to APIs to build connections. APIs are certainly valuable, but depending on the circumstance, connector-based integration might be the better way to go.

And with our library of hundreds of ready-to-use connectors and our patented Boomi Suggest feature for community-powered guidance to rapidly configure integrations and data transformations, customers can quickly build connections that get the job done.

“If you want to publish a service as an API, look for an API lifecycle management platform to make development and maintenance quick and efficient. But there are many times when connector-based integration will do the job better and save time, money and effort.”

Code or Low-Code: Flexibility for Developers

Steve Wood, our chief product officer, likes to say, “Boomi loves developers.” And we do.

We’ve designed the Boomi Platform to provide developers with the flexibility to either hand-code integrations or use our low-code interface to rapidly assemble integrations and transformations.

If there’s an integration – whether straightforward, such as Salesforce to NetSuite, or something more complex – developers can build that quickly and easily using our connectors and our drag-and-drop development environment. If they’re building an advanced transformation or something customized for a special use case, they can also write custom code and incorporate it into Boomi’s ready-built integration processes.

The Boomi platform supports both JavaScript and Apache Groovy. Our Groovy implementation provides access to all the classes in the Java 7 or Java 8 JRE runtime JARs.

Using Boomi’s low-code interface, developers can take advantage of pre-built components and the guidance that comes from Boomi Suggest, which draws on the anonymized experience of thousands of companies building integrations and transformations with our multi-tenant cloud platform.

At the same time, if developers want to hand-code complex transformations or other highly customized processes, they can. Boomi lets developers choose whichever approach is right for them.

On-Premise or In the Cloud: Flexibility for Operations

Boomi doesn’t just offer flexibility for developers. It also offers flexibility for operations and production teams.

If an organization wants to ensure that all its data stays on-premise behind its firewall, they can deploy Boomi Atoms on-premise. The same organization might want to connect multiple cloud applications, so they can deploy another Atom in the cloud to manage those integrations and transformations. The Boomi platform gives customers the flexibility to run their processes wherever makes the most sense for their security protocols and compliance policies.

What’s especially convenient here is that customers can manage on-premise and cloud-based integrations and workflow automation on the same platform. They don’t have invest in one technology for on-premise integrations and manage another for cloud-based data. The Boomi unified platform supports both, saving time and money.

Learn more about how the world’s leading organizations “Win With Boomi.”

Enterprise-Grade Security in the Cloud and On-Premise

Another way that Boomi helps organizations is by building security into everything we do. We have built a platform designed to meet the highest security standards for commercial and government organizations.

Boomi’s commitment to security gives customers the freedom to move data and processes wherever makes the most sense — in the cloud, on-premise or in a hybrid configuration — with the confidence that, regardless of which approach they’ve chosen, their data is secure.

Here are just a few ways that we’ve built security into our platform:

  • Secure Coding Practices: At Boomi, we maintain secure coding best practices that are based on Open Web Application Security Project (OWASP) standards. These are security methodologies and best practices promoted by the OWASP online community. We also scan our source code for vulnerabilities as part of our standard development process.
  • Encryption: The Boomi platform encrypts all data in transit that it is responsible for with Transport Layer Security (TLS) 1.1 or 1.2. When Boomi Atoms run on Amazon Web Services (AWS), Boomi supports encryption at rest using AES-256 encryption keys managed by the Amazon Key Management Service (KMS).
  • Credentials: Boomi never stores customer passwords, either as plain text or as encrypted text. Instead, user credentials are hashed using an RSA 256-bit hash with a single unique salt.
  • Identity and Access Management (IAM) and Role-Based Access Controls (RBAC): Boomi customers can create individual user accounts based on company email addresses. Alternatively, Boomi can automate account creation for large numbers of users. Customers can also manage Boomi user accounts through single sign-on services managed by the SAML 2.0-compliant identity provider of their choice. The platform supports four built-in roles and lets customers customize role privileges to suit organization-specific security policies. All user activity is logged, and authorized users can access logs securely through an API.
  • Backups and Disaster Recovery: Boomi makes daily incremental and weekly full backups. We also backup critical data on our platform every eight hours to a dedicated disaster recovery (DR) site.
  • CVSS Risk Assessment and the Dell Technologies Patch Management Standard: Boomi follows Dell Technologies’ patch management standard. This standard takes a risk-based approach to patches, assessing their risks as critical, high, medium or low. These risk scores are derived from the CVSS score, the Common Vulnerability Scoring System.
  • Compliance With Data Security Regulations: Along with other Dell companies, Boomi is working with the Dell Technologies privacy team to ensure compliance with the EU General Data Protection Regulation (GDPR), which took effect on May 25, 2018. Boomi’s authorization for the U.S. Federal Risk and Authorization Management Program (FedRAMP) — the federal government’s security standard for cloud services — is in process. The Boomi platform is HL7 and HIPAA-compliant for use in healthcare and PCI-compliant for retail.

From code analysis to regulatory compliance, Boomi focuses on security at every level. Organizations can trust Boomi to deliver the security they need for data integration, API management and data governance.

Integration Made Flexible, Fast and Secure

In this post, I’ve summarized three ways that Boomi empowers its customers and helps them accelerate the development, deployment and operation of business IT. The Boomi Platform:

  • Provides powerful API lifecycle management features that give IT developers full control over what they develop as an API and what they develop as traditional integrations.
  • Supports low-code as well as custom-coded development for application integration, data transformation and workflow automation.
  • Provides enterprise-grade security features designed to meet the highest security standards, such as the GDPR and FedRAMP.

The pace of business isn’t slowing down. Organizations need to move faster and faster. And speed depends on being able to make the right choices about how to manage increasingly complex IT infrastructure.

By providing organizations with a powerful, rigorously secure platform that provides a fully flexible approach to application and data integration, Boomi helps organizations achieve their business goals with the strategy that works best for them.

Learn more about how Boomi’s unified platform can meet the most demanding application and data integration needs. Contact a Boomi integration expert today.