Personal tools

Log in

Changes

From All n One's bxp software Wixi

Jump to: navigation, search

UK Government Cloud Security Principles

8 bytes removed, 13:18, 26 May 2015
no edit summary
At All n One we strive to provide the more secure system to our clients as possible.
This document references All n One's compliance to the UK government cloud security principles. - [https://www.gov.uk/government/publications/cloud-service-security-principles/cloud-service-security-principles UK Government Cloud Principles]
''Consumer data transiting networks should be adequately protected against tampering and eavesdropping via a combination of network protection and encryption.''
All n One utilises SunGard's hosting environment in Parkwest business park Dublin. In this environment SunGard use cisco 5510 firewalls for network protection and Cent OS virtual load balancers utilizing TLS negotiation so we can offer TLS 1.2 to users using the latest browsing software and older versions of TLS for legacy software.(IE6 etc.) We also complete vulnerability tests to ensure All n One's cloud security. For additional information on bxps end to end encryption please view the following link. [- [http://www.bxpsoftware.com/wixi/index.php?title=Bxp_-_BER8_SER2_-_End_to_End_encryption_and_High_Availability End to End encryption and High Availability]]
''Separation should exist between different consumers of the service to prevent one malicious or compromised consumer from affecting the service or data of another.''
All instances of the service are segregated by client. This means that one client instance of the software is unable to get any data from another client system. As the system is a SaaS Solution users from the same system will have to log in using different usernames/passwords. All events that occur from the users are stored in log files so it is possible to review all colleague activity though an audit trail functionality built into bxp.For more information on data segregation please view. [- [http://www.bxpsoftware.com/wixi/index.php?title=The_bxp_Infrastructure#Logical_Infrastructure The bxp Infrastructure]]
''The service provider should have a security governance framework that coordinates and directs their overall approach to the management of the service and information within it.''
''All n One is 80% compliant with ISO 27001 and Cobit 5. All n One currently requires an external audit for validation. Our hosting infrastructure is ISO 27001 complaint which shows that SunGard AS Ireland has developed and implemented a best-in-class information security management system (ISMS) for itself and its customers. For additional information on All n One's certification status please view:'' - [http://www.bxpsoftware.com/wixi/index.php?title=Security_-_Start_Here Introduction to bxp security]
''The methods used by the service provider’s administrators to manage the operational service should be designed to mitigate any risk of exploitation that could undermine the security of the service.''
At All n One we review log files from the service and offer a full audit trail service to our clients for their instances. Our hosting environment SunGard also mitigates against any DDOS or networking attacks through their technical operations centre (TOC). All n One's security department also give consistent security updates to staff and services when available. For more information on our security department view : [http://www.bxpsoftware.com/wixi/index.php?title=Bxp_API Security Department]
Thomas Glennon
343
edits
Retrieved from ‘https://www.bxpsoftware.com/wixi/index.php/Special:MobileDiff/4346