Secure Cloud Hosting. No Compromises.




FIREHOST OVERVIEW

Secure Cloud Hosting. No Compromises.

"Public cloud is fine for core, granular, non-critical business functions. But [FireHost] is an exception... many enterprises are moving mission critical workloads to their cloud."
Wendy Nather, 451 Group

The most advanced and complete secure cloud solution available

Every server is protected by the Intelligent Security Model, powered by best-in-class technology and high performance components, compliant beyond your requirements, and includes complete service. Experience what many are calling the most complete hosted solution, seeing for yourself what it is like to have real power and security behind your applications.

Enterprise Security
FireHost's Intelligent Security Model provides multiple layers of protection from the physical data center all the way through to the database. Security is the core of FireHost's infrastructure, not something that's been bolted on.

Beyond Compliance
The FireHost infrastructure exceeds the compliance mandates for HIPAA and PCI DSS with a secure, validated cloud. This auditor friendly environment protects healthcare and payment businesses of all sizes from the risk of crippling cybercrime.

Benchmarked Performance
Only hardware, software, systems and configurations designed specifically for high performance, production workloads meet the entry criteria for FireHost's secure cloud. Secure servers are ranked #1 for performance in 3rd party benchmarks.

Complete Service
Proactive support meets control and visibility. With over 24 distinct points of service, a robust API and a powerful portal, FireHost serves as an extension of any IT department. We take pride in providing automation with a human touch.

Global Data Centers
- LHR01 London, UK
- PHX01 Phoenix, AZ
- DFW01 Dallas, TX
- SIN01 Singapore, SG
- AMS01 Amsterdam, NL

[Map legend: Data Center Locations, CDN Points of Presence, DNS Points of Presence, Secure MPLS Network]

v. 4.1

ENTERPRISE SECURITY

How We Solve Security: The Intelligent Security Model

The exceptional protection of FireHost's Intelligent Security Model stems from the experience of blocking over half a billion attacks. Our ISM provides:
- Tracking of cybercrime attack vectors at a macro level
- Reaction to threats in a way that benefits your infrastructure, as well as the security community
- Multiple layers of enterprise hardware, patched software, and expert system configurations
- Specialized security engineers proactively monitoring live security data points around the clock

[Infographic: volumes of attacks blocked per day and per month, by category: Known Bad IPs, Cross-Site Scripting, DoS/DDoS Attacks, SQL Injections, Cross-Site Request Forgery, Directory Traversal]

[Diagram: LEARN and PROTECT; isolated environments with custom security policies for Payment Compliance, High Traffic, Healthcare Compliance and Global Continuity; Ports 80/443 (Public); No Public Access]

Segmentation and Additional Security Measures for Non-Public Access
- Two Factor Authentication
- L2L Connection
- SSL VPN Access
- MPLS Termination
- Fibre Channel Connectivity
- Physically Isolated SAN
- Privileged Access Management
- Complete Data Obfuscation

ENTERPRISE SECURITY

What We Do Best

Above all, FireHost is a security company. Providing many layers of protection and service from the physical data center all the way through to your database, our ability to help customers stems from the belief that security is not a feature that can simply be bolted-on to infrastructure at any point. Security is not optional, it's required.

Creating Effective Security
- Reinforce the messaging of corporate responsibility and care of customer data
- Becoming compliant for PCI/HIPAA
- Making the PCI/HIPAA compliance process efficient and cost effective
- Removing the burden of data security in a company's environments
- Finding a True Hosting Partner: a partner who interacts on all layers of the stack, openly welcomes audits/questionnaires, and is willing to engage
- Creating operational freedom by supporting high intensity applications in the cloud

The Secure Cloud Topology

As depicted in this sample topology, every cloud server is isolated through hypervisor based firewall technology. This allows clients to deploy a cloud infrastructure with unlimited security zones for the most granular protection available. Look no further for an extremely secure and highly scalable hosting platform, fully managed by expert engineers around the clock.
[Topology diagram. Labels in the order extracted: Secure Access; Public Traffic; Redundant Multi-Factor Authentication; Redundant SSLVPN/L2LVPN Secure Access; Redundant MPLS Termination; Routers w/IP Reputation Filtering; DoS/DDoS Mitigation; Vulnerability Monitoring; Malware Protection; VMware Hypervisor (Hardened); Blade/SAN Architecture; High Availability Architecture; 20 Gbps Network (Public & Private); Per Firewall Policies; Unlimited Security Zones; Web Servers; Load Balancers; SECURITY ZONE; Application Servers; SECURITY ZONE; Database Servers; Isolated Environment; Integrity Monitoring; Web Application Firewalls; Intrusion Detection; Log Management; Patch Management; SECURITY ZONE; SSD Acceleration; Secure Remote Access; Physically Isolated Network; Secure Jump Hosts; Privileged Access Management; Full Session Recording; High Performance SAN (SSD, SAS, SATA & Raw); 16 Gbps Fibre Channel Connectivity; Physically Isolated Secure Storage Area Network; Secure Data Deletion and Destruction; Complete Data Obfuscation; SECURE MPLS]

"Just as flexible and secure as a much more costly managed private cloud, the only other option comparable in terms of this level of security and flexibility"
Jason Verge, 451 Research

BEYOND COMPLIANCE

Compliance Posture And Certifications

Compliance Documentation
Upon selection, FireHost will provide detailed information to the auditor of choice: InfoSec Policy table of contents, related security infrastructure settings and log documentation, CSIRT policies, and other information relevant to a successful audit of the proposed systems.

As a global company we routinely work with regulatory entities such as G-Cloud and NHS in the UK. We will be happy to consult with you regarding data sovereignty in each country should you have questions.

PCI DSS Level 1
FireHost has been validated as a Level 1 Service Provider under PCI DSS for our services. Our validation includes specific PCI DSS controls on which customers can rely.

HIPAA / HITRUST
FireHost has been certified against the Common Security Framework (CSF) from the Health Information Trust Alliance (HITRUST) to address HIPAA compliance requirements.

SSAE 16 SOC 1 / SOC 2
FireHost has received SOC 1 Type 2, SOC 2 Type 2, SOC 3 and ISAE 3402 reports. These reports demonstrate the viability of FireHost's control program over time.

ISO 27001
FireHost has received a certificate of approval for our control program against the ISO/IEC 27001:2005 standard for Information Security Management Systems.
Scope of Compliance: Achieve compliance faster and more cost efficiently

[Chart of compliance responsibilities; one group is labelled "Shared".]
- Physical Security (data center, infrastructure)
- Perimeter Security (IP reputation filtering, DDoS mitigation)
- Network Security (IDS, hypervisor firewall, vuln mgmt, SSL certs)
- Application Security (WAF, OS, webserver, database patching)
- Server Security (hardened OS, patching, AV, Log mgmt, FIM)
- Administrative Security (secure access, two-factor authentication)
- Data Backup (nightly volume based, kept for 14 days)
- Secure Data Deletion (secure deletion upon service termination)
- Security Audits (PCI, HITRUST, SSAE 16, ISO 27001)
- Access Control (logical access control to servers)
- Maintain Policies (security policies and procedures)
- Change Control (firewall changes, OS patching)
- Incident Response (for customer servers)
- Risk Assessment (annual risk assessment)
- Data Management (DBA duties, encryption, backup beyond FH default)
- Application Management (customer specific applications)

BENCHMARKED SECURITY

Ranked #1 by Global Benchmarks

The right cloud performance is critical today as more organizations adopt hosted technology to enhance application performance and cut costs in an increasingly competitive business world. It is critical that IT stakeholders consider the appropriate metrics to deploy clouds that have positive returns on investment without impairing performance in speed, flexibility, reliability, control, efficiency and costs.

The FireHost cloud is built with:
- Hardware-assisted virtualization & hyper-threading
- High-performance hypervisor (VMware vSphere)
- SSD acceleration for high IOPs and blended IO loads
- High-speed memory and lots of it (1600 MHz)
- Fibre Channel storage connectivity for low-latency
- Use technology that is redundant & fault-tolerant
- Configure high availability clusters
- Best-in-class technology (Dell M620 Blades, Dell Compellent, Brocade)
- ATS for scalable lock management
- Compartmentalize storage & compute resources
- Leverage dynamic resource allocation
- Maintain resource capacity

An independent third party benchmark study, which included seven cloud hosting providers, measured four performance metrics comparing overall server performance, memory speed, processor speed, and storage speed against a control group consisting of dedicated servers.

[Charts: letter grades per provider for each metric, shown against the DEDICATED control group]

Server Performance: All instances, across all data center locations received an A rating. Other providers charted: Terremark vCloud, HP Cloud, Microsoft Azure, AWS EC2, Dell vCloud, Rackspace Cloud.

Storage Performance: All instances, across all data center locations received an rating. Other providers charted: Terremark vCloud, HP Cloud, Dell vCloud, Microsoft Azure, Rackspace Cloud, AWS EC2.

Memory Performance: All instances, across all data center locations received an rating. Other providers charted: HP Cloud, AWS EC2, Dell vCloud, Rackspace Cloud, Microsoft Azure, Terremark vCloud.

Processor Performance: All instances, across all data center locations received an A- rating. Other providers charted: Microsoft Azure, Rackspace Cloud, HP Cloud, AWS EC2, Terremark vCloud, Dell vCloud.

COMPLETE SERVICE

Complete Service

Managed Services are a core part of a successful, long-term hosting relationship. Our team focuses on the monitoring and maintenance of a hosting solution so that the in-house IT team can focus on growing the business. This starts with a comprehensive deployment and continues with full management of the server, network, and security services.

[Diagram of management responsibilities. Labels in the order extracted: MANAGED BY FIREHOST; Hardware; Virtual Environment; Physical Environment; Network; Patching; IP Reputation Filtering; Secure Storage; Log Monitoring; Web Application Firewalls; Snapshot Backups; Vulnerability Scanning; Intrusion Detection; Network; Fibre Channel SAN; Malware Protection; DDoS Mitigation; Network; Secure Hypervisor; Endpoint Security; Security Layers; Data Center; Secure Cloud Servers; Security Zones; Firewall Ports; SHARED MANAGEMENT; Secure Remote Access; L2L/MPLS Connections; Two-Factor Authentication; Operating Systems; Databases; Applications; Data; User Access; Custom Applications Code; MANAGED BY CUSTOMER]

COMPLETE SERVICE

Secure Portal

An integrated portal and toolset provides reliable control, real-time visibility, and the convenience of mobile access. The secure portal is the central command center for your secure cloud hosting relationship with FireHost.
- View all server resource consumption and history to better gauge your application needs
- Utilize FireHost's unique resource scaling methods to ensure your applications are available at all times
- Analyze all blocked security threats to your servers to see how, and from where, you're being attacked
- Communicate securely with our expert engineers who are available to help around the clock
- Get the current network and system status across all global datacenters

All reporting features are available to authorized users within the my.firehost.com portal as well as via RESTful API. You can see an example of the data reporting within the secure portal below.

Reporting on Blocked Hacks: Real-time insight into the application layer attacks being blocked from your environment.

Convenient Global Management: Easily manage all servers, whether they're in the U.S., Europe, or Asia Pacific from the global portal.

FluidScale to Scale Without Downtime: Advanced FluidScale technology to scale resources up anytime without a server restart.

Server Performance Visibility: Each secure server's performance metrics are available in real time. Track storage usage.

FireHost solution advisors help configure the appropriate secure cloud solution for your business.
Call today: (US: +1) 844 682 2859, (UK: +44) 800 500 3167, or visit: www.firehost.com

OUR CUSTOMERS

Common Challenges

Every enterprise faces challenges in providing effective security for applications, databases and dedicated systems while remaining flexible. Here are a few of our customers that have solved the security, performance, and speed/flexibility challenge.

How They Fixed It

They classified their applications into sensitive and non-sensitive systems by specifically targeting brands that could be damaged and looking for 'pivot points', which are systems that could be used to help hackers break into sensitive data. They also sorted out compliant from non-compliant, looking for apps that required stringent controls and would require more complex systems. They then created a data island, effectively removing risk for their sensitive data.

Common Challenges Solved: Security, performance, speed to market and flexibility

Case Usage: Otsuka

Otsuka is a pharmaceutical company headquartered in Japan. As of 2012, Otsuka employed 40,000 people worldwide. The company focuses on pharmaceuticals related to nutrition. The company is also known for the popular sports drink Pocari Sweat, as well as the depression drug Abilify. Otsuka needed to follow U.S. government regulations for HIPAA and HITRUST. Otsuka's main purpose for seeking a new hosting vendor was to partner with a company with the capabilities and expertise to securely handle their sensitive data in a HIPAA compliant manner.

Otsuka's biggest challenges were:
- HIPAA/HITRUST compliance
- Outdated operating system
- Desire for complete segmentation from the hosting environment and Otsuka corporate
- 24 or less new server implementations
- Complications with interconnectivity between servers

FireHost solved all of these issues in short order, including the deployment of all services (22 servers on original order) in 24 hours with a customer OS template.

How Has it Improved Their Efficiency?

The project stakeholders have been able to focus on applications and deadlines.
All compliance issues are solved with FireHost working directly with the Otsuka audit team. Otsuka is benefiting greatly by our speed of deployment and managed support, where deployments are done right the first time. In fact, they continue to say that [FireHost] has "saved our IT staff more time than we can calculate."