Is KCloud secure?
Is KCloud Secure? KCloud managed SAP HANA IaaS provides managed cloud infrastructure to host SAP ECC or HANA applications enabling customers with innovative ways to build, operate and consume technology. Cloud is imperative for enterprises, however, there are many doubts that need to be addressed.
USD 9M is the cost on an average enterprise loses due to cyber-crime. 720M hack attempts are made daily. Trends such as the cloud, the Internet of Things (IoT), and mobility bring unique risks, threats, and vulnerabilities. Each of these IT environments has different attack surfaces, threat profiles, require different security technologies and access control requirements. So security is the most commonly discussed but central focus among our prospects at all levels. This blog is to understand the security measures at KCloud to ensure uninterrupted service and highest level of data protection
Understanding cloud security, in the context of managed SAP IaaS the following areas have to be deliberated upon:
- Personnel / Organization
- External threats & sabotage
- Security operations
Datacenter security, seeing is believing is what most of our customers did by visiting and inspecting our infrastructure. KCloud co-located its infrastructure with a global leader and the largest in colocation service with over 180 datacentres worldwide and highest standards, assuring the availability of 99.99999%.
The 5 level physical access security including multiple levels of biometrics prevents unauthorized access to physical infrastructure. All coupled with proven processes it ensures we maintain your mission-critical operations and equipment under any circumstances
Hardware security, KCloud hardware infrastructure is designed with N+1 high availability hardware cluster principle to avoid any single point of failure. This includes all the building blocks of the infrastructure from perimeter devices like link aggregator, firewalls in-line network security, core network switches, computing servers, storage systems and management layers. Coupled with the right mix of software the performances are maintained uninterrupted and secured.
Personnel and Organization security, KCloud personnel are inducted after stringent verification process that includes background checks. Training and certifications are mandatory in their respective areas. Roles and responsibilities are segregated based on best industry practices to prevent any potential infringement. Accesses are limited by the individual’s role and tightly controlled. Secure operations covering the management of assets, change, and incidents in network, security, and SAP (basis) operations. These processes and measures are regularly audited for compliance and continuous improvements in security processes.
External threats & sabotage, are a growing problem for organizations, and they only become worse and multiply with every passing day. We understand the critical nature of the business systems hosted in KCloud and every possible measure are considered. We consider the best insurance policy is to establish a comprehensive data back-up of all customer systems which are encrypted and stored at multiple sites with the ability to recover.
On the prevention side we have multiple layers of controls:
- 3 layer of next generation firewalls different technologies, zero (0) day update which prevent unauthorized access, DOS/DDOS, intrusion detection & prevention
- Customer VDOM, this ensures every customer resources are fenced
- IPSec VPN, SSL VPN for customer site connectivity and encrypted data transfers
- Web application firewall + Web dispatcher in DMZ for shielding application level threats
- 2-factor authentication for maintenance personnel
- Periodic security audit, Vulnerability and Penetrations Tests (VPAT) by 3rd party
- Industry best products utilized for Antivirus and malware protection
SOC – Security operations center, KCloud security operations center monitors and reports alerts and details of suspicious activities 24×7. Central monitoring of network, firewall, and servers in real time for unauthorized access, malware, and other potential vulnerabilities. With round the clock monitoring, we are able to quickly respond to threats that may sometimes require to bring down a service but eventually protecting customer data and systems.
We will also support your organization to fully understand how to integrate security into your environments. Protect your users, networks, and devices through secure design, transformation, integration and implementation for compliant, and integrated security across your IT ecosystem.