Simplifier Cloud are offering security mechansim by default for all hosting packages.
Additional you can upgrade to Enterprise Model to fulfill the highest security standards.
Default Security Measures:
- No Resource Sharing
- Secure Network Design
- Secure Administrator Access
- Data Encryption
- Patch Management
Optional Security Measures available in Enterprise Hosting Model:
- Anti-Virus/Malware Protection
- Web Application Firewall
No Resource Sharing by default
Each Simplifier Customer gets his own tenant and therefore are completely separated from other customers.
One Tenants includes:
Secure Network Rules by default
Incoming Network Traffic
- Only TCP Port 80 and 443 (HTTP/HTTPS) are allowed
Outgoing Network Traffic
- By Default all network traffic are allowed
Our Network Security will be tested regularly via official pentest and network scanners.
Secure Administrator Access
Our DevOp and Support Team has no direct or public access to your simplifier application.
All our support users are managed centrally with AWS Identity Service managed by our central Identity Management.
The following Security Parameters are in place
- Dedicated Administrator and Support Roles
- Multi-Factor-Authentication by default
- Logging of Administrator Sign-In
- No open SSH Port or Service
Console access are realized via AWS Connect Service and need no open firewall ports.
Data Encryption by default
To secure from data in the event of data leaks, we encrypt all the relevant storage objects by default.
- Encryption of Database instances, logs, snapshots and backups
- Encryption of Data File Volumes
The Encryption Key is managed by AWS KMS – a secure key lifecycle cloud service.
Automatic Patch Management by default
In the world of digital communication, there are a lot of threats according to applications like simplifier. To guarantee the latest updates of all software components, we patch automatically on daily base.
- Daily Update of Simplifier Docker Container
- Daily Update of the underlying Host System
Web Application Firewall optional
This additional services helps protect your simplifier applications and APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. The Web Application Firewall gives you control over how traffic reaches your applications by enabling you to create security rules that control bot traffic and block common attack patterns, such as SQL injection or cross-site scripting.
Benefits of Web Application Firewall
- Agile protection against web attacks
- Predefined Rules according Open Web Application Security Project (OWASP) Top 10 security risks or emerging Common Vulnerabilities and Exposures (CVE)
- Rules are automatically updated as new issues emerge
- Easily monitor, block, or rate-limit bots
The Web Application Firewall is included in the Enterprise Model or can be booked for public access models additionally.