Cloud Computing SecurityNaviSite Managed Cloud Services (MCS) offers a robust, virtualized infrastructure deployed as multiple, secure infrastructure clouds hosted in NaviSite's data centers. The NaviCloud Platform enforces security, privacy, and integrity of enterprise applications and data. NaviSite's comprehensive, multi-pronged approach to security addresses physical, infrastructure, network, identity, data, and compliance requirements. NaviSite Managed Cloud Services includes basic building blocks of a system infrastructure service – virtualized servers; Windows and Linux operating systems; robust storage; state-of-the-art networking; and best-of-breed firewalls. Read This Cloud Computing Security Article Entitled “Cloud Is More Secure” Highly Secure Cloud Computing PlatformNaviSite's SSAE-16 Certified US data centers meet the highest security standards for cloud-enabled data and application integrity. Cloud computing security technologies and services include: - Network Intrusion Detection and Prevention
All customer traffic is carried on secure VLANs, and must pass through a firewall to access other cloud VLANs or physical networks. NaviSite's advanced firewall technology also provides intelligent threat defense with advanced capabilities, including identity-based access control and denial of service (DoS) attack protection. - Firewall Services and Two-Factor Authentication
A shared firewall ensures segregation of VLAN traffic terminating on the same physical segment. A virtualized firewall gives cloud computing customers their own individual security contexts on an enterprise firewall appliance. A dedicated firewall provides cloud customers with a dedicated firewall appliance. - Anti-Virus Systems
NaviSite's real-time security management employs redundant anti-virus software. When combined with sophisticated log aggregation and event correlation, NaviSite facilitates quick and efficient identification and resolution of potential security threats. - File Integrity Services
NaviSite uses TripWire's file integrity services to assess integrity throughout the entire NaviCloud Platform. File integrity services monitor both file and configuration integrity – looking at raw file contents, permissions, registry settings, and security settings. - Data Integrity
NaviSite maintains client data onsite for up to two weeks. Tapes are stored in a secure location within each data center facility. Tight security procedures are in place for tapes sent to secure offsite locations. - Automated Vulnerability Scans
NaviSite employs short- and broad-range automated vulnerability assessments. Short-range assessments are deployed on a monthly basis and include a minimum of five hosts. These vulnerability assessments also include port scans. All of the identified ports are then checked for known vulnerabilities. Broad range assessments are deployed on a quarterly basis for a minimum of 20 hosts. NaviSite also offers third-party penetration testing upon request to simulate an attack to identify and remedy any technology, process, and procedural weaknesses. - Physical Security (Restricted Access, Biometrics, and Surveillance)
NaviSite monitors its data centers from two global network operations centers. Physical access to datacenter facilities is restricted. Entering the building that houses the data center requires mandatory visitor registration, visitor escorts, employee badge access, and biometric palm scanner authentication.
Physical Security and Cloud Computing Environmental SafeguardsNaviSite has also installed sophisticated monitoring devices in each facility: Early-warning fire detection systems; smoke and high temperature detectors; and 24 x 7 digital video surveillance cameras. Full data-grade HVAC systems are set up to regulate air temperature and humidity – maximizing the performance of your equipment. Security also extends to management. Role-based access control ensures that users have only the permissions required for their business or support roles. Permissions can also be set on objects or groups managed by NaviSite. All activity is logged for auditing purposes.
|