Security measures

Cyso B.V. in Alkmaar, Nederland.
Processor has taken the following security measures:

Definitions

1.1 The definitions of Cyso Cloud security measures apply to the following document.
1.2 The term data centers refer to the data centers used by Cyso Cloud.
1.3 The term Network & Infrastructure refers to the service we offer and not the customer-created networks within Cyso Cloud.
1.4 Cyso Cloud Infrastructure as a Service (Iaas) Platform:
The offering and maintenance of the infrastructure which by Cyso Cloud is made available to customers on the basis of a virtual platform. We do not refer to the virtual resources and servers that the customer has allocated on the Cyso Cloud Iaas Platform.
1.5 Additional Services:
These are additional security measures that apply to the services we offer our customers.

Data centers

  • Burglary protection by 24x7x365 monitoring through security guards and camera surveillance; intrusion detection and alarm; strict access control through authorization list, access cards and secure ports.
  • Power supply by means of high capacity and at least N+1 redundant power supply; emergency power via autonomous generators and on-site fuel storage and 24x7x365 delivery; completely separate power distribution via A and B feed to rack infrastructure.
  • Fire protection through fully analogue addressable fire detection system in all rooms; smoke detection system; gas extinguishing system in technical rooms.
  • Cooling via high-capacity cooling facility and cooling units, at least N+1; management of temperature and humidity through CRAC units.
  • Certifications: at least ISO 9001, ISO 27001; OHSAS 18001; PCI-DSS; ISO 14001

Network & Infrastructure

  • Cabling in server rooms is separated; separate bundles for power cables and for fiber optic cables or UTP network cabling.
  • Network equipment is spread over multiple data centers, redundancy is present at the level of routers, core switches, internal and external connections (multiple connections to transit suppliers and Internet Exchanges), geographically separated routes between multiple data centers. The entire network is based on dynamic routing in order to automatically route other components of traffic around the failed components in case of component failure.

Cyso Cloud IaaS platform

  • All mission critical components of the platform, for running our Cyso Cloud IaaS platform, are redundant (N+1).
  • Anti-DDoS infrastructure protects critical parts of the network and other infrastructure.
  • Logical access via password policy and / or VPN keys, access lists on Cyso Cloud information systems, firewall, logging of Cyso Cloud information systems and detection systems for certain unauthorized changes.
  • Network segmentation through the use of VLANs.
  • All servers necessary to make the Cyso Cloud IaaS platform available are equipped with a firewall.
  • Update firmware and operating systems of the Fuga Cloud infrastructure to mitigate critical security risks and data leaks.
  • Active monitoring on mission critical platform components

Organisation

  • ISO 27001 and NEN 7510 certification on all services.
  • Confidentiality of employees and third parties engaged, certificate of good conduct obligation for all employees.
  • Security officer within the organization, security awareness training for all employees.

Additional services

  • Anti-DDoS service to protect servers and the platform of customers.
  • Redundant storage for customers (N+2).
  • Availability Zones for the redundant execution of services across multiple logical compute groups.
  • Security Groups act as virtual firewalls for instances and other resources on a virtual network.
  • By default all instances are only accessible through asymmetric cryptography and Secure Shell. These settings can be adjusted as desired.

Cyso Cloud places great importance on a reliable and secure environment for your data and applications. Do not hesitate to contact us if you would like to know what we can do for your organization in the field of Highly Confidential Computing.