Current Release

Previous
Checklist – Your System Integration
Next
Hosting Models

Cloud Security

319 views 0

Security Overview

Simplifier Cloud are offering security mechansim by default for all hosting packages.

Additional you can upgrade to Enterprise Model to fulfill the highest security standards.

Default Security Measures:

  • No Resource Sharing
  • Secure Network Design
  • Secure Administrator Access
  • Data Encryption
  • Patch Management

Optional Security Measures available in Enterprise Hosting Model:

  • Anti-Virus/Malware Protection
  • Web Application Firewall

No Resource Sharing by default

Each Simplifier Customer gets his own tenant and  therefore are completely separated from other customers.

One Tenants includes:

  • Virtual Private Network
  • Subnets
  • Servers
  • Firewall Rules
  • Access Control List
  • Load Balancers (optional)
  • Container Mangement
  • Logs & Monitoring
  • Databases
  • File Volumes
  • Identity Management
  • Site2Site IPSec VPN Tunnels

Secure Network Rules by default

We design our firewall rules to your simplifier application scenario. Our Standard Rules are:

Incoming Network Traffic

  • Only TCP Port 80 and 443 (HTTP/HTTPS) are allowed

Outgoing Network Traffic

  • By Default all network traffic are allowed

Our Network Security will be tested regularly via official pentest and network scanners.

Secure Administrator Access

Our DevOp and Support Team has no direct or public access to your simplifier application.

All our support users are managed centrally with AWS Identity Service managed by our central Identity Management.

The following Security Parameters are in place

  • Dedicated Administrator and Support Roles
  • Multi-Factor-Authentication by default
  • Logging of Administrator Sign-In
  • No open SSH Port or Service

Console access are realized via AWS Connect Service and need no open firewall ports.

Data Encryption by default

To secure from data in the event of data leaks, we encrypt all the relevant storage objects by default.

  • Encryption of Database instances, logs, snapshots and backups
  • Encryption of Data File Volumes

The Encryption Key is managed by AWS KMS – a secure key lifecycle cloud service.

Automatic Patch Management by default

In the world of digital communication, there are a lot of threats according to applications like simplifier. To guarantee the latest updates of all software components, we patch automatically on daily base.

  • Daily Update of Simplifier Docker Container
  • Daily Update of the underlying Host System

Web Application Firewall optional

This additional services helps protect your simplifier applications and APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. The Web Application Firewall gives you control over how traffic reaches your applications by enabling you to create security rules that control bot traffic and block common attack patterns, such as SQL injection or cross-site scripting.

Benefits of Web Application Firewall

  • Agile protection against web attacks
  • Predefined Rules according  Open Web Application Security Project (OWASP) Top 10 security risks or emerging Common Vulnerabilities and Exposures (CVE)
  • Rules are automatically updated as new issues emerge
  • Easily monitor, block, or rate-limit bots

The Web Application Firewall is included in the Enterprise Model or can be booked for public access models additionally.

Related Articles