Our Cloud Infrastructure, Security & Compliance
We supply systems to private companies, public companies, the military, international banks and governments. We will have the right-sized, scalable solution that fits both your need and your budget.
As part of our standard service we will host your application on our multi-tenant Cloud Infrastructure.
We use the same backbone cloud infrastructure as all the major Internet players, so you can be sure your experience with us will be exactly the same as if you were shopping on Amazon or checking your email at Google.
Our data centers are ‘lights out’ locations and use military grade access security. Our servers reside in a highly secure infrastructure that is ISO rated and audited each year, and we will happily show you the audit report.
Certifications & Compliance
Our platform is hosted in an environment that has the following certificates of compliance:
- ISO/IEC 27001
- ISO 9001
- ISO 14001
- OHSAS 18001
- SSAE 18
- SOC 1
- SOC 2
- SOC 3
- Privacy Shield
EYVO and NIST 800-171
Our own company already operates and adheres to the latest NIST 800-171 security framework standards and will be aiming for certification during Q4 2020. We have in place a Systems Security Plan and a Plan Of Action to address any identified gaps. We also maintain a long list of security policies, procedures and controls to address everything in the NIST 800-171 Standard.
- Keycard protocols, biometric scanning protocols and round-the-clock interior and exterior surveillance monitor access to every one of our data centers.
- Only authorized data center personnel are granted access credentials to our data centers. No one else can enter the production area of the datacenter without prior clearance and an appropriate escort.
- Every data center employee undergoes multiple and thorough background security checks before they’re hired.
- Every data center’s HVAC (Heating Ventilation Air Conditioning) system is N+1 redundant. This ensures that a duplicate system immediately comes online should there be an HVAC system failure.
- Every 90 seconds, all the air in our data centers is circulated and filtered to remove dust and contaminants.
- Our advanced fire suppression systems are designed to stop fires from spreading in the unlikely event one should occur.
- Should a total utility power outage ever occur, all of our data centers’ power systems are designed to run uninterrupted, with every server receiving conditioned UPS (Uninterruptible Power Supply) power.
- Our UPS power subsystem is N+1 redundant, with instantaneous failover if the primary UPS fails.
- If an extended utility power outage occurs, our routinely tested, on-site diesel generators can run indefinitely.
Core Routing Equipment
- Only fully redundant, enterprise-class routing equipment is used in our data centers.
- Fiber carriers enter our data centers at disparate points to guard against service failure.
- We require that the networking and security teams working in our data centers be certified. We also require that they be thoroughly experienced in managing and monitoring enterprise level networks.
- Our Certified Network Technicians are trained to the highest industry standards.
Dedicated, Managed Firewalls
- We use Cisco PIX Firewalls, the industry standard and leader. Without exception we take data security seriously, so seriously that we have a wide array of security services to meet a wide range of requirements. You have valuable and confidential information stored on our equipment. We make it our job to provide you with the expertise, services and solutions to secure your data based on your requirements, and for many of our customers managed firewalls are a primary and vital component of security. Fully supported around the clock by our thoroughly qualified Security Engineers, the firewall is dedicated completely to your environment.
In partnership with our Custom Application Delivery Team, you may also run your own private cloud. It has the same benefits as all of the above, with the added difference that it's not shared, and you may also layer on top of it any custom application code you need. We allow you to change our code base to better fit your ideas of how the system should perform around your business.
Furthermore, we will provide you with structured access through our firewall so that you, and only you, can gain access to your raw data – perhaps to run additional reports or to link to 3rd party tools.
How we secure against brute force hacking
For regular retail clients, access to our application can be as simple as just entering your userid and password, but we would not recommend that route. Usually that’s for systems that are self-hosted and that are behind a hardened corporate firewall.
For systems that we host for you on the public internet, we provide three additional optional pieces of access security:
CAPTCHA – This is a process that protects websites against bots by generating and grading tests that humans can pass but current computer programs cannot. For example, humans can read distorted text but current computer programs can’t. This optional piece is free of charge to switch on, is implemented system-wide and affects all users on the system.
2 Factor Authentication (2FA) – The Knowledge factor and the Possession factor. In other words, this works on the premise of something you know and something you have, a well-known principle in computer security. In our implementation of 2FA we assume you can receive an SMS text message on your cell phone or you have a smart phone. After you have entered your userid/password (and the optional CAPTCHA code), you are asked to enter the 2FA verification code, which you get from either an SMS message or the installed app on your phone. This verifies that you really are who you say you are. This optional piece does generally incur a small cost per user and is implemented on a per user basis only (for a minimum of 6 users), so it can be rolled out to all users or only to users who have high levels of approval authority.
Static IP & VPN – We only grant access through our Firewall from your fixed static IP address and also only via our VPN. This really locks you down to access from a specific site and ensures no one can ‘listen in’.
Eyvo Security Downloadables
We have a specific White Paper on this subject that you may like to download and share with your colleagues, available from here.
Cloud Security Alliance
You may also download our Cloud Security Self Assessment (CAIQ v3.0.1) Response Document here.
Contact us for more information.