myDRE as a SaaS

myDRE as a SaaS

Introduction

myDRE is a product developed and maintained by anDREa BV that allows a Service Provider to offer services to Tenants. Each Tenant is able to self-service create Workspaces for storing and processing data. The Service Provider operates the CORE that makes this possible.

The full list of the current available services can be found at:
  1. anDREa / myDRE standard services
  2. anDREa / myDRE optional services
**anDREa BV is a Service Operator.

myDRE as a Service

Below myDRE depicted as a service.

The geographical location in which Microsoft Azure region the CORE(3) and the AAD (4) runs, determines where user information is stored and via what Microsoft Azure region the ingress and egress (encrypted in transit) takes place. In case of anDREa BV as a Service Provider this is Microsoft Azure West Europe region.

As to why a Service Provider needs a separate AAD is explained in myDRE and IAM.

myDRE as a service explained



  1. anDREa B.V.
    1. Develops and maintains the code in Github
    2. Provides support to the Service Provider
  2. The code is deployed

  3. Into a dedicated Subscription of the Service Provider
    (anDREa BV, or any other service provider who has a license agreement with anDREa BV)

  4. The Service Provider has under its own Azure Billing Account a dedicated AAD and a Support Team:
    1. Supporting the Support Team of the Tenant(s)
    2. Providing OPS/trouble shooting on the CORE and resources at the Tenant
    3. Providing 24/7/365 Monitoring
    4. Maintaining Knowledge Base / Ticket System
    5. Subscription Enrollment/Offboarding and Exit Strategy
  1. Each Tenant provides under the Tenant’s own Azure Billing Account
  2. A Subscription for its own central optional functionalities (anDREa / myDRE optional services), like (currently available):
    1. Software Share available for all Workspaces
    2. Bastion Architecture
    3. Domain or URL Whitelisting (soon)
    4. License Server Access from anDREa
    5. Azure Firewall
  3. One or more Subscriptions for Workspaces
    1. 100 Storage Accounts / Study (usually 1 storage account per Workspace)

  4. That optionally can connect to ‘local’ resources; data sources, license servers, etc
  5. Local Support Team to support its own users
  6. And to create the Workspaces after validating Workspace requests against their organisation's policies.

  1. Can the CORE and AAD be run in a different Microsoft Azure Region?
    1. Yes, provided that region has the required Microsoft Azure services. See current list of supported Microsoft Azure Regions.
  2. Can a Tenant use a different Microsoft Azure Region?
    1. Yes, however, this is 'locked' per Tenant for now. Provided the required Microsoft Azure services are present in that region. Not so much a technical requirement as to ease of auditability. 
    2. Note, Workspace-to-Workspace transfer does not work (yet) between Workspaces in different Microsoft Azure regions. 
  3. Can a Tenant be its own Service Provider, i.e. a company dedicated myDRE?
    1. Yes, bear in mind the CORE has a monthly running costs of €7-10K/month.
    2. Yes, you need to have your own OPS and 24/7/365 monitoring service, etc
  4. Can a Service Provider make use of anDREa's Knowledge Base?
    1. Yes, the full knowledge base is available
    2. Yes, it is possible to use the same ticket and knowledge base system with own URL; anDREa BV uses ZoHo Desk.
  5. I have more questions
    1. From an organisation perspective, a good starting point is: anDREa FAQ
    2. From a user perspective, a good starting point is: myDRE General
    3. Or otherwise email: stefan.vanaalst@mydre.org (CTO anDREa)

    • Related Articles

    • myDRE - pencilling out the Shared Tenant

      First version: 2021-05-27 Last updated: 2021-05-27 Introduction The following short videos give a quick mental picture of myDRE as a Shared Tenant. The view point taken is that how the enrolment takes place; the technical process on how to make myDRE ...
    • myDRE & Firewalls

      Introduction For domain and URL-whitelisting a Firewall is required. anDREa can provide the following options Using your own organization's firewall with Bastion Architecture (preferred) Using your own organization's firewall Deploying an Azure ...
    • anDREa & myDRE - an Introduction

      Introduction The ultimate proof is in the eating as goes for myDRE. However, you might want to get a taste first. The short videos below give a quick insight. Why myDRE was created Duration: 1:31  (2022-11-15) History of anDREa BV Duration: 4:46 ...
    • myDRE and IAM

      Current implementation Every user will get their own @mydre.org username. Security - every user is subject to the same policies No guest-accounts Minimally every 24h Multi-Factor Authentication (MFA) is required Trusted devices cannot be created ...
    • anDREa & myDRE Information Package

      All the material below is copyrighted by anDREa BV, it is free to be used in connection and only in connection to anDREa B.V. or myDRE. All the content of all the linked presentations, posters, and other material is the same and is subject to ...