Cloud Security Standards in eNlight Cloud Services
Summary: Examining cloud computing security standards, guidelines and features in eNlight Cloud Services.
1) How does eNlight Cloud comply with regulations and legal requirements?
A monthly audit is carried out to ensure that eNlight complies with all necessary regulations and legal requirements, as well as to ensure that ESDS is continuing to provide a quality service. Some of the activities that form part of this monthly audit include:
- Router logs are Inspected and monitored.
- The health of switches is investigated as are the access logs.
- Hosting nodes are also checked to ensure that they are healthy.
The service level agreement (SLA) is in place to guarantee legal compliance where possible. If there are any conflicts then this will also provide a number of different options.
2) Where will my data be geographically located?
All data in eNlight Cloud will be hosted on servers located in our data centers in the India (Nasik / Mumbai).
3) Is my data handled securely?
Enterprise storage devices, such as SAN (Storage Area Networks) are used for the storage of data in eNlight Cloud. SAN represent one the of the most secure storage options available. Additional layers of security are provided in a multitude of ways including:
- Storage is hosted internally and isn’t available from any public networks.
- We have a large amount of storage available at all times to prevent any issues with customers not being able to add additional disk space when it is needed.
- We use hardware virtualization technologies. It means that Cloud VMs are isolated at the hypervisor layer.
- Users are free to choose SSL methods and ESDS provides maximum assistance to get them configured such that Data is always secure in transit.
4) How is service availability assured?
Using Tier 3 data centers, ESDS can guarantee upto 99.99% uptime with the eNlight Cloud. Redundancy is provided right down to the rack level with there being back-up measures in place in the event of power of network supply failure. Read More: Tier standard topology, Are You Sure about the Uptime Differences?
5) How is my data protected against privileged user abuse?
All members of staff with ESDS who are involved in eNlight operations are required to sign an NDA (non-disclosure agreement) / privacy policy that guarantees confidentiality for customers as any breach of this agreement could result in legal action against the member of staff concerned. The data centers itself are also protected with various physical security features that mean only authorized individuals are provided with access to the data floor and the servers running the Cloud. All of servers are also protected by hardware firewalls that will be logging all traffic that goes through them.
6) What levels of isolation are used?
We have developed eNlight Cloud around three layers of isolation, with these being:
- Server logins and client billing details are protected to the highest level; they can only be accessed by the Client.
- We have a secure billing area that is separate from our main website.
- Layer 3 switches are used to create a final layer of network isolation and security.
- eNlight Cloud uses Type-1 hypervisors. These help to provide complete logical isolation between VMs and management flexibility.
7) How are the eNlight systems guarded against threats from the Internet?
The following arrangements are in place to protect eNlight hosting nodes and eNlight VMs from external threats:
- All the servers have their software firewalls enabled as standard.
- Our 24×7 NOC (Network Operations Center) teams ensure all network activities are monitored and any questionable patters are picked up on.
- A specialist IDS (Intrusion Detection System) runs alongside the main router to continuously monitor traffic and blocks known threats such as network viruses. Potential DDOS attacks can able be detected and prevented.
8) How are the activities of servers monitored and logged?
The performance of Virtual Machines in eNlight Cloud is monitored consistently by the platform. eNlight Cloud platform keeps and generates log for each operation and activity that is done on the server. This helps in overall server monitoring and keeping the server healthy. In addition, all the control panel activity logs are available in the Client Area section for future review.