SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales



Similar documents
Secure, Scalable and Reliable Cloud Analytics from FusionOps

GiftWrap 4.0 Security FAQ

custom hosting for how you do business

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

HIPAA Compliant Infrastructure Services. Real Security Outcomes. Delivered.

KeyLock Solutions Security and Privacy Protection Practices

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Troux Hosting Options

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

Supplier Information Security Addendum for GE Restricted Data

Security from a customer s perspective. Halogen s approach to security

Client Security Risk Assessment Questionnaire

CHIS, Inc. Privacy General Guidelines

John Essner, CISO Office of Information Technology State of New Jersey

PCI COMPLIANCE ON AWS: HOW TREND MICRO CAN HELP

Birst Security and Reliability

StratusLIVE for Fundraisers Cloud Operations

Altus UC Security Overview

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

SaaS Security for the Confirmit CustomerSat Software

Security Controls What Works. Southside Virginia Community College: Security Awareness

Tenzing Security Services and Best Practices

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.

IBX Business Network Platform Information Security Controls Document Classification [Public]

Vendor Questionnaire

Art Gross President & CEO HIPAA Secure Now! How to Prepare for the 2015 HIPAA Audits and Avoid Data Breaches

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

IT Best Practices Audit TCS offers a wide range of IT Best Practices Audit content covering 15 subjects and over 2200 topics, including:

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1

Navigating The World of Cloud Computing

H.I.P.A.A. Compliance Made Easy Products and Services

twilio cloud communications SECURITY ARCHITECTURE

AWS Security. Security is Job Zero! CJ Moses Deputy Chief Information Security Officer. AWS Gov Cloud Summit II

Cloud Services Overview

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

Security & Infra-Structure Overview

HIPAA: MANAGING ACCESS TO SYSTEMS STORING ephi WITH SECRET SERVER

The Cloud is Not Enough Why Hybrid Infrastructure is Shaping the Future of Cloud Computing

Supplier Security Assessment Questionnaire

BMC s Security Strategy for ITSM in the SaaS Environment

Simone Brunozzi, AWS Technology Evangelist, APAC. Fortress in the Cloud

What is the Cloud, and why should it matter?

Cloud Computing: Risks and Auditing

Cloud Computing Trends, Examples & What s Ahead

Security Threat Risk Assessment: the final key piece of the PIA puzzle

Unified Security Anywhere HIPAA COMPLIANCE ACHIEVING HIPAA COMPLIANCE WITH MASERGY PROFESSIONAL SERVICES

HIPAA Privacy & Security White Paper

Projectplace: A Secure Project Collaboration Solution

Vendor Audit Questionnaire

Dell Cloud Services. Services

Compliance Challenges. Ali Pabrai, MSEE, CISSP (ISSMP, ISSAP) Member, FBI InfraGard. Increased Audits & On-site Investigations

HIPAA/HITECH Compliance Using VMware vcloud Air

Cloud S ecurity Security Processes & Practices Jinesh Varia

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

Virginia Government Finance Officers Association Spring Conference May 28, Cloud Security 101

Cloud Contact Center. Security White Paper

Payment Card Industry Data Security Standard

PierianDx - Clinical Genomicist Workstation Software as a Service FAQ s

Retention & Destruction

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

White Paper. BD Assurity Linc Software Security. Overview

Managing Cloud Computing Risk

A Decision Maker s Guide to Securing an IT Infrastructure

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Electronic Prescribing of Controlled Substances Technical Framework Panel. Mark Gingrich, RxHub LLC July 11, 2006

Clinical Trials in the Cloud: A New Paradigm?

Small Business IT Risk Assessment

Cloud Security Overview

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

Security Tool Kit System Checklist Departmental Servers and Enterprise Systems

Altius IT Policy Collection Compliance and Standards Matrix

Security Issues in Cloud Computing

All the benefits of Public Cloud on Private, Dedicated Infrastructure. Benefits. Enterprise-Level Security. High Performance. Compliant and Audited

HIPAA Compliance for Mobile Healthcare. Peter J. Haigh, FHIMSS Verizon

Injazat s Managed Services Portfolio

Research Information Security Guideline

PCI DSS 3.0 Compliance

Stephen Coty Director, Threat Research

Security Overview Enterprise-Class Secure Mobile File Sharing

NET ACCESS VOICE PRIVATE CLOUD

FormFire Application and IT Security. White Paper

Security Practices, Architecture and Technologies

Hosted SharePoint: Questions every provider should answer

Enterprise level security, the Huddle way.

THE BLUENOSE SECURITY FRAMEWORK

HIPAA in the Cloud. How to Effectively Collaborate with Cloud Providers

SysAid IT On-Demand Architecture Including Security and Disaster Recovery Plan

Transcription:

SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales

Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient, on-demand access to a dedicated or shared pool of computing resources (e.g., servers, storage, networks, and services) that can be rapidly provisioned with minimal management or effort by the customer. SMS is providing a customizable Dedicated as well as a more cost effective Shared Cloud model that allows you to pay for use based on the smallest commitment that is practical. As a business customer your resource requirements can be predictable and schedulable. We work with you to create standard models that reflect your application environment, so that when you need to activate an environment the only issues that need to be dealt with are resource sizing and utilization. The Cloud environment is built around a dedicated OS that can be configured to meet your needs. The environment can be either Microsoft or Linux based, with a wide variety of development and system utilities. Customers select the CPUs, Storage Tiers, Network Services that are dedicated to the environment and can be in production within hours.

Vision and Value Proposition Responsibility for your business results came from many years of experience that taught us that when the customer is experiencing a problem we are all responsible until resolution. Information Technology is a business of solving problems.

SMS History Founded in 1982 Global Offices: Irvine, CA, Madrid, Malaga, Buenos Aires, Caracas Over 600 Employees Globally Privately Held Net Income Positive Over 20+ years of proven Infrastructure Hosting and Outsourcing Pioneer of Fixed Monthly Cost Model Awarded Inc. 500 Fastest Growing Companies Award Won the Federal Government Outsourcer of the Year for the NASA Space Shuttle Program

Cloud Definitions + SMS Value Cloud Definitions (as related to Virtualization of Servers) Public Cloud the market generally thinks of this as a virtual server provided on shared multi-tenant infrastructure Amazon EC2 and Azure are examples. Dedicated Cloud Hosting Marketed by companies like Rackspace and Design Data as virtualized dedicated single tenant servers. Service provider typically pays for the hardware. Private Managed Cloud The SMS Enterprise offering. Our infrastructure is private, and secure however, the service is Completely Managed from a dedicated or shared perspective. Grupo SMS Customer Value Customers can eliminate the cost, complexity, and security issues associated with physical servers SMS reduces complexity by transforming virtual server computing into a cloud based outsourced renting service Local meaning low latency hosted in an SMS owned purpose built Tier III datacenter Ability to Scale Enterprise Level Infrastructure Zero cost and risk, associated with selecting, owning or managing the physical on-site resources Instant time to value rapid provisioning of servers Simplified management

Differentiators vs AWS and others Customizable Dedicated or Shared Private Managed Cloud and Hybrid with Colocation Completely Managed or Shared Responsibilities Build your own size VMs with cores in.50 increments No new GUIs or Web Portals to learn More than just Infrastructure Business Partner Consulting Approach Onsite and Offsite Network Management Design, Circuit procurement, Monitoring Voice Services Hosted PBX and SIP Business Continuity and Disaster Recovery Design Application Development Virtual Desktops Professional Services Proven Enterprise Architecture from elite Manufacturers Separate Redundant Networks for Internet, Storage, and Back-up Adaptive Flash, Fiber Channel and iscsi Storage Layer 2 Connectivity from over 9 carriers Onsite and Offsite Designs for Redundancy and DR

Security and Compliance SOC 2 Audited Datacenter Physical Security Data center access controlled and limited to only Authorized Personnel listed on each customers form and controlled by an Administrator Mantrap, Key-card and Scramble pad for controlled data center access Security camera monitoring and recording throughout the entire data center 24x7 onsite staff provides additional protection against unauthorized entry as well as patrolled after hours perimeter security Operational Security Best practices used in the random generation of initial passwords All passwords encrypted during transmission and while in storage Secure media handling and destruction procedures for all customer data Support-ticket history available for review via customer portal System Security System installation using hardened, patched OS System patching configured by Grupo-SMS and coordinated with customers to provide ongoing protection from exploits Dedicated firewall and VPN services to help block unauthorized system access Data protection with managed backup solutions Anti-virus protection Web Application firewalls IDS/IPS solutions

Certifications The SMS Group maintains the following regulatory and compliance standards: SOC 2 Audit formally known as a SAS70 Audit ISO 27001 ISO 9001 ISO 14001 Sensitivity to: PCI as a Service Provider HIPAA as a Service Provider ISO as a Service Provider SOX SMS Supports all three areas of data security, ensuring the security of customer data

PCI Compliance

HIPAA Compliance Framework The Privacy Rule defines and limits the circumstances in which individual identifiable health information may be used or disclosed by covered entities. This information includes demographic data such as name, address, birth date, Social Security Number and information that relates to: The individual s past, present, or future physical or mental health or condition The provision of healthcare to the individual The past, present, or future payment for the provision of healthcare to the individual The Privacy Rule calls this information Protected Health Information (PHI) The Security Rule covers the protection of the confidentiality, integrity, and availability of electronic protected health information (ephi). It prescribes a number of required policies, procedures, and reporting mechanisms that must be in place for all information systems that process, store, and transmit ephi within and between covered entities and contains multiple proposed requirements (or standards) and implementation specifications designed to protect the confidentiality, integrity and availability of ephi within each enterprise. These specifications fall into five categories: 1. Administrative Safeguards ( 2. Physical Safeguards ( 164.310) 3. Technical Safeguards ( 164.312) 4. Organizational Requirements ( 164.314) 5. Policies and Procedures ( 164.316

HIPAA Compliance HIPAA Compliance Roles and Responsibilities Checklist SMS Shared Customer Physical Security (Datacenter, Infrastructure) Perimeter Security (IP reputation filtering, DDoS mitigation) Application Security (WAF, OS, webserver, database patching) Network Security (IDS/IPS, hypervisor firewall, vulnerability mgmt, SSL certs) Server Security (Hardened OS, patching, anti-virus, log mgmt) Administrative Security (Secure access, two-factor authentication) Data Backup (Nightly volume based, client based, custom retention) Secure Data Deletion (Secure deletion upon service termination) Security Audits (PCI, HITECH, SOC2/SAS70, ISO 27001, Vulnerability Scans) Access Control (Logical access control to server) Maintain Policies (Security policies and procedures) Change Control (Firewall changes, OS Patching) Incident Response (For customer servers) Risk Assessment (Annual risk assessment) Data Management (DBA duties, encryption) Application Management (Customer specific applications)

Reference Architecture

Partners and Service Providers

Why Grupo SMS? Benefits for Enterprises Local specialist in cloud computing, managed services, and professional services Support via onsite meetings, phone, or email We offer customizable solutions and think outside of the box The scale to meet our customers needs Avoid Cloud Lock. Unlike others our service is local, accessible, portable, and a client is always able to access their data onsite. Provide BGP Multi-homed bandwidth and inexpensive Layer 2 connectivity Monitoring and onsite access 24/7/365 Tier 3+ Data Center Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales