Differences

This shows you the differences between two versions of the page.

--- security [2018_01_30 19:15] – [3 Data Security] steven
+++ security [2019_04_10 18:16] – steven
@@ Line 1: / Line 1: @@
 ====== Security ======
@@ Line 9: / Line 6: @@
 ===== 1 Data Center =====
 {{:/security:steps:sme_1_data_center.png}}
-For the hosted SaaS service SME uses multiple data centres in USA and Europe. All data centres are Tier IV facilities and are:\\ \\ USA: SSAE16 SOC1/2 compliant, have 24x7 armed security, facility surveillance, biometric + keycard access to the data floor, keycode access to the cage, plus our own surveillance on top of the facility surveillance.\\ \\ Europe:   The Data Centers have ISO27001:2005, ISO9001:2008 certification, plus 24x7 security, facility surveillance, biometric + keycard + mantrap access to the data floor, locking cabinets with physical key access\\ \\ UK:   This is a new facility, currently undergoing the iso 27001/9001 process and also has 24x7 security,   facility surveillance, biometric + keycard + mantrap access to the data floor, locking cabinets with keycode access\\ \\ All data centres have 24/7 physical security, facility surveillance, biometric ,   keycard entry authentication and   mantrap access to the data floorm uninterruptible power and backup systems\\
+For the hosted SaaS service SME uses multiple data centres in USA and Europe. All data centres are Tier IV facilities and are:\\ \\ USA: SSAE16 SOC1/2 compliant, have 24x7 armed security, facility surveillance, biometric + keycard access to the data floor, keycode access to the cage, plus our own surveillance on top of the facility surveillance.\\ \\ Europe:   The Data Centers have ISO27001:2005, ISO9001:2008 certification, plus 24x7 security, facility surveillance, biometric + keycard + mantrap access to the data floor, locking cabinets with physical key access\\ \\ UK:   This is a new facility, currently undergoing the iso 27001/9001 process and also has 24x7 security,   facility surveillance, biometric + keycard + mantrap access to the data floor, locking cabinets with keycode access
+All data centres have 24/7 physical security, facility surveillance, biometric ,   keycard entry authentication and mantrap access to the data floor uninterruptible power and backup systems.
-===== 2 On the wire security =====
+===== 2 Encrypted Data in Motion =====
+HTTPS is configured by default for all users of the Cloud File Server SaaS users and Appliance.
-{{:/security:steps:sme_2_on_the_wire_security.png}}
+A commercial server that uses HTTPS must have a public key certificate issued that verifies the entity. The end-user can verify the entity by clicking on the HTTPS icon from the browser.
-HTTPS can be configured for all users of the Cloud File Server Saas users and Appliance. HTTPS is an acronym for hypertext transfer protocol secure. HTTPS is similar to the normal hypertext transfer protocol, except tt is different because the âSâ at the end identifies it as having a secure HTTP connection.  \\ \\ A HTTPS connection is used often in businesses where sensitive information, such as credit card numbers, are being passed along at point of purchase sites or other commerce sites The https protocol gives assurance that potential hackers are not able to intercept the message containing sensitive data as it is sent to its destination.\\ \\ A commercial server that uses HTTPS must have a public key certificate issued that verifies the entity. The end-user can verify the entity by clicking on the HTTPS icon from the browser.
+Clients should connect to the File Fabric appliance using a URL that starts with HTTPS. (This is the default).  A valid certificate is required.
+Administrators should also connect to storage providers using HTTPS. For storage providers with a fixed endpoint including AWS S3, Azure, Google Cloud Storage the File Fabric always uses HTTPS.
 ===== 3 Data Security =====