Logicalware utilises Amazon Web Services (AWS) for our infrastructure. AWS has achieved ISO 27001 certification and has successfully undergone multiple SSAE 16 audits. For more information on the security of AWS, refer to http://aws.amazon.com/security/
Physical and Environmental Security
AWS’s data centres are state of the art, utilizing innovative architectural and engineering approaches. Amazon has many years of experience in designing, constructing, and operating large-scale data centres. This experience has been applied to the AWS platform and infrastructure. AWS data centres are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data centre floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
AWS only provides data centre access and information to employees and contractors who have a legitimate business need for such privileges. When an employee no longer has a business need for these privileges, his or her access is immediately revoked, even if they continue to be an employee of Amazon or Amazon Web Services. All physical access to data centres by AWS employees is logged and audited routinely.
Logicalware employees do not have physical access to any facilities.
Fire Detection and Suppression
Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces, chiller rooms and generator equipment rooms. These areas are protected by either wet-pipe, double-interlocked pre-action, or gaseous sprinkler systems.
The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations, 24 hours a day, and seven days a week. Uninterruptible Power Supply (UPS) units provide back-up power in the event of an electrical failure for critical and essential loads in the facility. Data centers use generators to provide back-up power for the entire facility.
Climate and Temperature
Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels. Personnel and systems monitor and control temperature and humidity at appropriate levels.
AWS monitors electrical, mechanical, and life support systems and equipment so that any issues are immediately identified. Preventative maintenance is performed to maintain the continued operability of equipment.
Storage Device Decommissioning
When a storage device has reached the end of its useful life, AWS procedures include a decommissioning process that is designed to prevent customer data from being exposed to unauthorized individuals. AWS uses the techniques detailed in DoD 5220.22-M (“National Industrial Security Program Operating Manual”) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process. All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry-standard practices.
Our customers are serviced from a single production network.
Our inbound firewall is configured in a default deny mode with ports explicitly opened to allow inbound traffic. Traffic can be restricted by protocol, service port, and source IP address.
Our firewall is configured to permit only the absolute minimum connectivity required to provide the service to our customers. Any changes to the access rules require authorisation using our X.509 certificate and key.
The AWS network provides significant protection against traditional security issues. The following are examples:
Distributed Denial Of Service (DDoS) Attacks
AWS API endpoints are hosted on large, Internet-scale, world-class infrastructure that benefits from the same engineering expertise that has built Amazon into the world’s largest online retailer. Proprietary DDoS mitigation techniques are used. Additionally, AWS’s networks are multi-homed across a number of providers to achieve Internet access diversity.
Man in the Middle (MITM) Attacks
All of the AWS APIs are available via SSL-protected endpoints which provide server authentication. Amazon EC2 AMIs automatically generate new SSH host certificates on first boot and log them to the instance’s console. You can then use the secure APIs to call the console and access the host certificates before logging into the instance for the first time. We encourage you to use SSL for all of your interactions with AWS.
Amazon EC2 instances cannot send spoofed network traffic. The AWS-controlled, host-based firewall infrastructure will not permit an instance to send traffic with a source IP or MAC address other than its own.
Unauthorized port scans by Amazon EC2 customers are a violation of the AWS Acceptable Use Policy. Violations of the AWS Acceptable Use Policy are taken seriously, and every reported violation is investigated. Port scans of Amazon EC2 instances are generally ineffective because, by default, all inbound ports on Amazon EC2 instances are closed and are only opened by you.
Packet sniffing by other tenants
It is not possible for a virtual instance running in promiscuous mode to receive or “sniff” traffic that is intended for a different virtual instance. While you can place your interfaces into promiscuous mode, the hypervisor will not deliver any traffic to them that is not addressed to them. Even two virtual instances that are owned by the same customer located on the same physical host cannot listen to each other’s traffic. Attacks such as ARP cache poisoning do not work within Amazon EC2 and Amazon VPC.
We utilise AWS for our entire computing infrastructure. AWS owns the physical hardware and provides security groups to limit access to devices; we make full use of security groups to limit access to our computing resources.
Our production environment is completely separate from the other environments, including development and QA.
AWS provides Identity and Access Management (IAM) to control access to AWS resources. We use IAM to manage separate, restrictive credentials for each of our environments, limiting the services available to each environment and compartmentalizing them. We also use AWS IAM to delegate monitoring and management capabilities to operations staff while preventing destructive actions.
SSH keys are required to gain console access to our servers, in any of the environments.
Individually identifiable RSA key pairs are used for SSH access, and root login is disabled to ensure that there is a complete audit trail from a specific action back to the specific individual who triggered that action.
We implement strong encryption in our application via SSL to minimise the chance of someone possibly intercepting sensitive information including username/password combinations. All logins to MailManager require SSL and all interfaces including the API utilise SSL throughout. We also utilise optional TLS for the transfer of emails from your mail server to our application.
Common Attacks Protection
User Interface Login – SSL encryption is required
XSS – User email HTML view is sanitized to prevent malicious email attacks
SQL Injection – We use prepared statements to avoid SQL injection issues
CIDR Based IP Restriction
It is possible to lock down the application to a specific IP address or IP range with exceptions in place for Managers/Supervisors to enable remote working.
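An added illustration of the lock-down described above (not Logicalware's own code): an IP allowlist expressed as CIDR ranges, with a role-based exception for Managers/Supervisors so they can still log in remotely. The class, function and role names, and the sample ranges, are assumptions; the client IP must come from the TCP peer or a trusted proxy, never from a client-controllable header.

```python
# Added example, not the application's own code. Demonstrates a CIDR-based
# login restriction with an exception for remote-working Managers/Supervisors.
import ipaddress
from dataclasses import dataclass, field

# Roles permitted to log in from outside the allowed ranges (assumed names).
REMOTE_ROLES = {"manager", "supervisor"}


@dataclass
class AccessPolicy:
    # Allowed networks for an account, e.g. office ranges. Empty list means
    # no lock-down is configured, so every source address is accepted.
    allowed_networks: list = field(default_factory=list)

    def add_network(self, cidr: str) -> None:
        # strict=False normalises host bits, so "203.0.113.10/24" is accepted
        # as 203.0.113.0/24 rather than raising a ValueError.
        self.allowed_networks.append(ipaddress.ip_network(cidr, strict=False))

    def ip_allowed(self, client_ip: str) -> bool:
        try:
            addr = ipaddress.ip_address(client_ip)
        except ValueError:
            return False  # unparsable source address: fail closed
        if not self.allowed_networks:
            return True
        # An IPv4 address is never "in" an IPv6 network, and vice versa.
        return any(addr in net for net in self.allowed_networks)


def check_login(policy: AccessPolicy, client_ip: str, role: str) -> tuple:
    """Return (allowed, reason); the reason is intended for the audit log."""
    if policy.ip_allowed(client_ip):
        return True, "ip-allowed"
    if role.lower() in REMOTE_ROLES:
        return True, "remote-exception:" + role.lower()
    return False, "denied"


def example_policy() -> AccessPolicy:
    # Constructed sample: one IPv4 office range and one IPv6 range.
    policy = AccessPolicy()
    policy.add_network("203.0.113.0/24")
    policy.add_network("2001:db8::/32")
    return policy


if __name__ == "__main__":
    for ip, role in [("203.0.113.42", "agent"), ("198.51.100.7", "agent"),
                     ("198.51.100.7", "Supervisor"), ("bad-ip", "manager")]:
        print(ip, role, check_login(example_policy(), ip, role))
```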
Only password hashes are stored within the database; there is no way for us to retrieve user passwords.
Data is stored within a PostgreSQL database on AWS RDS, with attachments stored within AWS S3. All data except passwords and authentication tokens is stored in clear text.
Amazon RDS has multiple features that enhance reliability for critical production databases, including automated backups, DB snapshots, automatic host replacement, and Multi-AZ deployments.
Access to Customer Data
Logicalware staff do not have access to customer data as part of normal company operations. We interact with customer data only for support purposes, and then only at the request of the customer, or where required by law.