Safeharbor is committed to protecting the confidentiality, integrity, and availability of customer systems and data. We work with our customers to build trust and confidence and ensure private information remains secure. SmartSupport™ uses a highly scalable cloud computing platform with high availability, dependability, and flexibility.
The issues of end-to-end security and end-to-end privacy in the cloud computing world are more involved than within a single data center that does not face the Internet. Security is a multi-dimensional business imperative that demands consideration at every level, from application security to physical facilities and network security. In addition to the latest technologies, world-class security requires ongoing adherence to best-practice policies. This document describes the security policies and features Safeharbor abides by to ensure these standards are enforced.
Security is provided on multiple levels: the operating system (OS) of the host system, the virtual instance operating system (guest OS), and the firewall. Each of these layers builds on the capabilities of the others. We ensure that data contained within the cloud cannot be intercepted by non-authorized systems or users, and that server instances themselves are as secure as possible without sacrificing flexibility in configuring the application.
Host and Guest Operating Systems: The servers are required to use their individual cryptographically strong SSH keys to gain access to a bastion host (SSH is a ubiquitous protocol that offers secure, encrypted connections for a variety of purposes, including logging into remote machines, transferring files, setting up encrypted tunnels, running remote commands without manual authentication, and more). These bastion hosts are specifically built systems that are designed and configured to protect the management plane of the cloud. Once connected to the bastion, authorized administrators are able to use a privilege escalation command to gain access to an individual host. All such access is logged and routinely audited.
Firewall: Our cloud computing service provides a complete firewall solution. This mandatory inbound firewall is configured in default-deny mode, so only inbound traffic that an explicit rule permits is allowed through. You choose how your traffic is restricted: by protocol, by service port, or by source IP address (an individual IP or a CIDR block).
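The default-deny behaviour described above, as an added illustration that is not Safeharbor's firewall code: a small evaluator in which inbound traffic passes only when an explicit allow rule matches its protocol, destination port and source address. The rule format, the rule set and the sample connections are assumptions constructed for this example.

```python
"""Default-deny inbound firewall evaluator (illustrative, not Safeharbor's code).

Every inbound packet is dropped unless an explicit AllowRule matches it,
which is the semantics of a default-deny inbound firewall.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


@dataclass(frozen=True)
class AllowRule:
    protocol: str             # "tcp", "udp", or "any"
    port: Optional[int]       # destination port; None matches every port
    source: Network           # single IP (as /32 or /128) or CIDR block

    def matches(self, protocol: str, port: int, src_ip: str) -> bool:
        if self.protocol != "any" and self.protocol != protocol:
            return False
        if self.port is not None and self.port != port:
            return False
        # ipaddress returns False for an address of the other IP version,
        # so a v6 source never accidentally matches a v4 rule.
        return ipaddress.ip_address(src_ip) in self.source


def allow(protocol: str, port: Optional[int], source: str) -> AllowRule:
    """Build a rule; a bare address such as '203.0.113.7' becomes a /32."""
    return AllowRule(protocol, port, ipaddress.ip_network(source, strict=False))


def inbound_permitted(rules: List[AllowRule], protocol: str, port: int, src_ip: str) -> bool:
    """Default deny: traffic passes only if some rule explicitly allows it."""
    return any(rule.matches(protocol, port, src_ip) for rule in rules)


# Constructed rule set (assumption for this example): public HTTPS, SSH only
# from one management block, and everything from a single trusted host.
RULES = [
    allow("tcp", 443, "0.0.0.0/0"),
    allow("tcp", 22, "198.51.100.0/24"),
    allow("any", None, "203.0.113.7"),
]


def evaluate_samples():
    """Run a few constructed inbound connections through the rule set."""
    samples = [
        ("tcp", 443, "192.0.2.10"),       # public HTTPS: allowed
        ("tcp", 22, "192.0.2.10"),        # SSH from the Internet: dropped
        ("tcp", 22, "198.51.100.42"),     # SSH from management block: allowed
        ("udp", 53, "203.0.113.7"),       # trusted host, any protocol: allowed
        ("tcp", 8080, "192.0.2.10"),      # unlisted port: dropped by default
    ]
    return {s: inbound_permitted(RULES, *s) for s in samples}


if __name__ == "__main__":
    for (proto, port, src), decision in evaluate_samples().items():
        print(f"{proto}/{port} from {src}: {'ALLOW' if decision else 'DROP'}")
```

The point of the evaluator is the absence of any "else allow" branch: a packet that matches no rule is dropped, which is what "default deny" buys you and why an unlisted port such as 8080 never opens by accident.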
The SmartSupport™ network provides significant protection against traditional network security issues. When you access our site using industry-standard Secure Sockets Layer (SSL) technology, your information is protected using both server authentication and data encryption, ensuring that your data is safe, secure and available only to registered users in your organization. Your data will be completely inaccessible to your competitors.
Distributed Denial of Service (DDoS) Attacks: Our cloud framework platform has a robust routing layer which helps balance the traffic load and avoid troublesome and/or unresponsive processes. Standard DDoS mitigation techniques such as SYN cookies and connection limiting are also used. To further mitigate the effect of potential DDoS attacks, the application maintains internal bandwidth which significantly exceeds its provider-supplied Internet bandwidth.
Man in the Middle (MITM) Attacks: All of the APIs are available via SSL-protected endpoints which provide server authentication. The cloud database automatically generates new SSH host keys on first boot and logs them to the console. SSH offers a crucial feature: the ability for you to verify the identity of the host to which you are connecting. If you correctly verify the host, there is no way an intermediate device could be reading or manipulating your packets. Successful host verification indicates that the connection is encrypted end-to-end: your SSH client has established a secure connection with the SSH server itself, and no intermediate machine has access to that connection. Customers can therefore use the secure APIs to call the console and retrieve the host keys before logging into the instance for the first time.
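The first-login check described above, as an added example that is not Safeharbor's tooling: fingerprints are computed from the host keys the instance logged to its console, compared with the key the SSH server presents, and the console-logged key is pinned in a known_hosts entry so the client rejects any other key. The example assumes the console output contains the public host keys as OpenSSH one-line entries; the key material and console log below are constructed test data, not real keys.

```python
"""Verify an SSH host key against the keys logged to the instance console.

Added example (not Safeharbor's code). Assumes the console log carries the
instance's public host keys as OpenSSH one-line entries such as
"ssh-ed25519 AAAA... comment". All key material here is constructed.
"""
import base64
import hashlib
import struct
from typing import Dict


def fingerprint_sha256(pubkey_line: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a public key line (as ssh-keygen -l prints)."""
    _key_type, blob_b64 = pubkey_line.split()[:2]
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    # OpenSSH prints unpadded base64 after the "SHA256:" prefix.
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_console_host_keys(console_text: str) -> Dict[str, str]:
    """Collect {key_type: fingerprint} for every host key line found in the console log."""
    keys = {}
    for line in console_text.splitlines():
        line = line.strip()
        if line.startswith(("ssh-ed25519 ", "ssh-rsa ", "ecdsa-sha2-")):
            keys[line.split()[0]] = fingerprint_sha256(line)
    return keys


def host_key_matches(expected: Dict[str, str], presented_pubkey_line: str) -> bool:
    """True only if the presented key's fingerprint equals the console-logged one."""
    key_type = presented_pubkey_line.split()[0]
    return expected.get(key_type) == fingerprint_sha256(presented_pubkey_line)


def known_hosts_entry(hostname: str, pubkey_line: str) -> str:
    """Pin the console-logged key so the SSH client refuses any other key for this host."""
    key_type, blob_b64 = pubkey_line.split()[:2]
    return f"{hostname} {key_type} {blob_b64}"


def _constructed_ed25519_pubkey_line(seed: int) -> str:
    """Constructed key in OpenSSH wire format for testing; not a real key pair."""
    raw = bytes((seed + i) % 256 for i in range(32))
    blob = struct.pack(">I", 11) + b"ssh-ed25519" + struct.pack(">I", 32) + raw
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " constructed-host-key"


# Constructed console output: what the instance logged at first boot.
CONSOLE_KEY_LINE = _constructed_ed25519_pubkey_line(0)
CONSOLE_LOG = "\n".join([
    "[   12.345678] cloud-init: Generating public/private ed25519 key pair.",
    "-----BEGIN SSH HOST KEY KEYS-----",
    CONSOLE_KEY_LINE,
    "-----END SSH HOST KEY KEYS-----",
])
# A different key, as an interposed device would have to present.
TAMPERED_KEY_LINE = _constructed_ed25519_pubkey_line(100)


if __name__ == "__main__":
    expected = parse_console_host_keys(CONSOLE_LOG)
    print("console fingerprints:", expected)
    print("genuine host key accepted:", host_key_matches(expected, CONSOLE_KEY_LINE))
    print("substituted key accepted:", host_key_matches(expected, TAMPERED_KEY_LINE))
    print("known_hosts line:", known_hosts_entry("instance.example", CONSOLE_KEY_LINE))
```

Comparing fingerprints out of band is what makes the first connection trustworthy; once the known_hosts entry is in place, the client performs the same comparison on every later connection and refuses a host whose key has changed.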
IP Spoofing: Instances cannot send spoofed traffic. The host-based firewall infrastructure will not permit an instance to send traffic with a source IP or MAC address other than its own.
Port Scanning: Port scans are reported as violations. These violations are taken seriously, and every reported violation is investigated. When port scanning is detected, it is stopped and blocked. Port scans of the system are generally ineffective because, by default, all unused ports are closed.
Safeharbor data centers are housed in nondescript facilities and have extensive setback and military grade perimeter control as well as other natural boundary protection. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state-of-the-art intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff. The data center only provides data center access and information to employees who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked.
The application software and application database are backed up daily to ensure recoverability in the event of system failure. Backup files are stored securely on read-only media and secured such that access is limited to appropriate personnel only. Backup files never leave the data center.