Security

Security

OpSource provides multiple levels of security from the data center on up to the applications. Both our Cloud Hosting and Managed Hosting platforms have unique security features.

Secure Datacenters

OpSource delivers its Cloud and Managed Hosting Solutions from top-tier colocation facilities in Sunnyvale, CA; Ashburn, VA; London, UK; and Paris, France. Our facilities meet or exceed Tier III standards, the highest commercially available datacenter rating as measured by the Uptime Institute.  Network connectivity is provided by Global Tier-1 IP Networks.

• All areas within the facility are monitored 24x7x365 by closed-circuit cameras and onsite guards
• OpSource data center space is physically isolated and accessible only by OpSource administrators
• Access is restricted to authorized personnel through biometric two-factor authentication
• CCTV digital cameras cover the entire center, including cages, with detailed 24x7 surveillance and audit logs

 

OpSource Cloud Hosting Security

OpSource Cloud Hosting provides the security and control enterprises demand.  Unlike other commodity cloud services, OpSource provides an environment to configure and lock-down your compute and storage environments. With Opsource Cloud Networks, customers are able to configure VLANs between servers, configure ACL-based firewalls, and control and track administrative usage. Data is encrypted while being transferred as well as at rest.

OpSource Cloud Servers and OpSource Cloud Files, our cloud-based compute and storage services, can be linked by OpSource Cloud Networks, our customer-controlled network configuration services. Rather than implementing our network security on top of our virtualized servers, OpSource Cloud Networks is a truly network-based implementation running within our Cisco switching fabric. Customers manage and configure OpSource Cloud Networks via the web-based OpSourceCloud.net user interface or Open API.

Customer-Controlled Network Configuration

• Configurable Layer-2 VLANs based on Cisco-based switching fabric
• Customizable ACL-based firewall rules allow you to control access into each network VLAN
• NAT and VIP functions to expose your private IP addresses to the public Internet
• Load-balancing and port translation across multiple virtual servers, with the ability to take servers in and out of service manually, programmatically, or based on monitoring probes
• Layer 2 Multicast support for clustering implementations

Denial of Service Protection

• Protection against Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, worms or botnets

Encryption

• Data stored with 256-bit encryption at rest and 128-bit SSL encryption while in transit

Secure Access

• Access to OpSource Cloud via the Public Internet, MPLS, VPN, Carrier Ethernet or Private Networks

Role-based Administrative Control

• VPN administration of all servers
• Unique username and password for multiple administrators
• Role-based permissions allow administrator to limit sub-administrators to manage only certain resources, such as servers, storage or networks. This allows Enterprise IT to assign control of their cloud to different IT functions, such as IT Administrators, Storage Administrators and Network Engineers.

Reporting

• Audit logs of all environmental changes

Compliance

• OpSource maintains SSAE-16 attestation in conjunction with our auditor SSAE 16 Solutions. Our SSAE-16 attestation is based on an in-depth series of documented controls covering the operational management of the OpSource Cloud Hosting infrastructure.

24x7 Incident Response

• OpSource Security Incident Response Team (OSIRT) to handle reports of security incidents. The OSIRT will escalate the incident to law enforcement and/or executive management as prescribed in security policies.

 

OpSource Managed Hosting Security

With the constant threat of security breaches, having a clear and robust security implementation is a necessity, not an option. OpSource is guided by a “defense-in-depth” security strategy, in which a series of security layers are implemented so that no single solution is relied upon to provide security.

Firewall

• Fully-managed, hardened, stateful inspection firewall technology with customized customer-specific firewall rules

Intrusion Detection

• Fully-managed Intrusion Detection System (IDS) utilizing signature, protocol and anomaly based inspection methods 

Edge-to-Edge Security Visibility

• Edge-to-edge security, visibility and carrier-class threat management and remediation utilizing industry leading Arbor Networks Peakflow to compare real-time network traffic against baseline definitions of normal network behavior, immediately flagging all anomalies due to security hazards.

Denial of Service Protection

• Protection against Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks, worms or botnets

Secure Access

• Access to OpSource Cloud via the Public Internet, MPLS, VPN, Carrier Ethernet or Private Networks

SSAE 16 and PCI Compliance

• OpSource maintains SSAE-16 attestation in conjunction with our auditor SSAE 16 Solutions. Our SSAE-16 attestation is based on an in-depth series of documented controls covering the operational management of the OpSource Cloud Hosting infrastructure.
• OpSource offers a PCI-compliant environment that implements a number of security measures required for applications storing, transmitting, or processing credit or debit card information.

24x7 Incident Response

• OpSource Security Incident Response Team (OSIRT) to handle reports of security incidents. The OSIRT will escalate the incident to law enforcement and/or executive management as prescribed in security policies.