Where is SAFER One hosted?
SAFER One is hosted on Amazon Web Services (AWS), including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Relational Database Service (RDS), and Amazon Elastic File System (Amazon EFS), in the United States and EU. AWS offers a reliable platform for software services used by thousands of businesses worldwide. AWS provides services in accordance with security best practices and undergoes industry-recognized certifications and audits (aws.amazon.com/security/). This means that SAFER One members benefit from Amazon’s ongoing commitment to security practices for stored assets.
Where does customer data reside?
Customer data is primarily stored in Amazon RDS instances, with some additional data stored on Amazon EFS. SAFER Systems designates the physical region in which each customer's data and servers are located. Amazon RDS data and EFS objects (i.e. directories, files, and links) are redundantly stored across multiple Availability Zones. SAFER Systems operates SAFER One out of two regions: the United States and the EU.
Example: By default, all data from SAFER One customers in the EU will have their cloud data stored in the AWS data center in the EU and that data will not be transferred to data centers outside the EU.
Who controls the SAFER One data centers?
Amazon Web Services controls the physical components and data centers that host the SAFER One digital infrastructure. To help customers better understand what controls AWS has in place and how effectively they are operating, AWS publishes a Service Organization Controls 1 (SOC 1), Type 2 report with controls defined around Amazon EC2, Amazon RDS, Amazon EFS, and Virtual Private Cloud (VPC), as well as detailed physical security and environmental controls. These controls are defined at a high level of specificity that should meet most customer needs.
Are AWS data center tours by customers allowed by Amazon?
No. Because AWS data centers host data for multiple customers, AWS does not allow data center tours by customers, as this would expose a wide range of customers to physical access by a third party. To meet this customer need, an independent and competent auditor validates the presence and operation of controls as part of a SOC 1, Type 2 report. This broadly accepted third-party validation provides customers with an independent perspective on the effectiveness of the controls in place. SAFER Systems has signed a non-disclosure agreement with AWS and can obtain a copy of the SOC 1, Type 2 report (aws.amazon.com/security/). Independent reviews of data center physical security are also part of the AWS ISO 27001 audit, the PCI assessment, and the ITAR audit process.
Are third parties allowed to access AWS data centers?
AWS strictly controls access to data centers, even for internal employees. Third parties are not provided access to AWS data centers except when explicitly approved by the appropriate AWS data center manager per AWS' access policy. See Amazon's SOC 1, Type 2 report for specific controls related to physical access, data center access authorization, and other related controls.
Who is responsible for patching?
SAFER Systems is responsible for patching our own guest operating systems (OS), software and applications running in AWS. AWS is responsible for patching systems supporting the delivery of AWS services, such as the hypervisor and networking services. This is done as required per AWS policy and in accordance with ISO 27001, NIST, and PCI requirements.
Are privileged actions monitored and controlled?
Controls in place limit access to systems and data; access to customer data is restricted and monitored. In addition, customer data and server instances are logically isolated from other customers by default. Privileged user access control for AWS infrastructure is reviewed by an independent auditor during the AWS SOC 1, ISO 27001, PCI, ITAR, and FISMA audits.
Does the cloud provider address the threat of inappropriate insider access to customer data and applications?
AWS provides specific SOC 1 controls addressing insider access, which are covered in the SOC 1, Type 2 report. In addition, SAFER Systems conducts periodic risk assessments of how insider access is controlled and monitored.
How does SAFER One isolate customer data?
All data stored by SAFER Systems, whether on Relational Database Service (RDS) or Elastic File System (EFS), on behalf of customers has strong tenant isolation security and control capabilities. SAFER One Storage utilizes Amazon RDS and EFS, which provide additional advanced data access controls.
Is customer segregation implemented securely?
The AWS environment is a virtual, multi-tenant environment. AWS has implemented security management processes, PCI controls, and other security controls designed to isolate each customer from other customers. AWS systems are designed to prevent customers from accessing physical hosts or instances not assigned to them by filtering through the virtualization software.
Has AWS addressed known hypervisor vulnerabilities?
Amazon EC2 currently utilizes a highly customized version of the Xen hypervisor. The AWS Xen hypervisor security is regularly evaluated by independent auditors during assessments and audits. See the AWS Security Whitepaper for more information on the Xen hypervisor and instance isolation.
Do the provided services support encryption?
SAFER One encrypts data in transit with TLS 1.2.
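The statement above is a claim a customer can verify from the client side. The following Python script is an added example, not code from SAFER Systems or the SAFER One FAQ: it builds a client context that refuses anything below TLS 1.2, reports what a given endpoint actually negotiates, and then makes a second, deliberately capped connection to confirm that the server will not fall back to TLS 1.0/1.1. The host name is a placeholder supplied by the caller; no SAFER One endpoint is assumed.

```python
"""Added example: client-side verification that an endpoint negotiates TLS 1.2 or
newer and refuses older protocol versions. Not part of the original FAQ."""
import socket
import ssl

# Floor required by the statement "encrypts data in transit with TLS 1.2".
MIN_TLS = ssl.TLSVersion.TLSv1_2

# Ordering of protocol names as returned by SSLSocket.version().
_VERSION_ORDER = {"TLSv1": 1, "TLSv1.1": 2, "TLSv1.2": 3, "TLSv1.3": 4}


def make_strict_context() -> ssl.SSLContext:
    """Client context that will not negotiate below TLS 1.2 and verifies the
    server certificate and host name against the system trust store."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED + check_hostname=True
    ctx.minimum_version = MIN_TLS
    return ctx


def tls_version_acceptable(negotiated: str) -> bool:
    """True when a negotiated protocol name meets the TLS 1.2 floor.
    Unknown names (including SSLv2/SSLv3) are rejected rather than trusted."""
    return _VERSION_ORDER.get(negotiated, 0) >= _VERSION_ORDER["TLSv1.2"]


def probe(host: str, port: int = 443, timeout: float = 5.0) -> dict:
    """Connect once with the strict context and report what was negotiated.
    ssl.SSLError propagates if the server cannot meet the floor."""
    ctx = make_strict_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            version = tls.version()
            return {
                "version": version,
                "cipher": tls.cipher()[0],
                "acceptable": tls_version_acceptable(version),
            }


def legacy_offered(host: str, port: int = 443, timeout: float = 5.0) -> bool:
    """Second probe: cap the client at TLS 1.1 and see whether the server still
    completes a handshake. A correctly configured server refuses, so False is
    the good result. Certificate checks are disabled here on purpose because
    only handshake completion is being tested."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.TLSv1
    ctx.maximum_version = ssl.TLSVersion.TLSv1_1
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host):
                return True
    except (ssl.SSLError, OSError):
        return False


if __name__ == "__main__":
    import sys
    # Placeholder host; pass the endpoint you want to check as the first argument.
    target = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    print(probe(target))
    print("legacy TLS (<= 1.1) offered:", legacy_offered(target))
```

Run it as `python tls_check.py host.example` (the file name is arbitrary). The first probe should print `TLSv1.2` or `TLSv1.3` with `acceptable: True`; the second should print `False`. A `True` from the second probe means the server still accepts a downgraded handshake, which contradicts a TLS 1.2-only policy and is worth raising with the provider.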
What are the cloud provider’s rights over customer data?
SAFER One customers retain control and ownership of their data.
Individual SaaS Agreements will dictate additional terms and conditions regarding customer data. Please review the SAFER Systems SaaS Agreement for more information.
Does AWS publish its physical and environmental controls?
Yes. Physical and environmental controls are specifically outlined in the SOC 1, Type 2 report. Additionally, AWS supports ISO 27001 and FISMA certification, which require best practice physical and environmental controls.
Can customers secure and manage access to SAFER One from clients such as PCs and mobile devices?
Yes. SAFER One allows customers to manage client access according to their own requirements.
Does AWS allow customers to secure their virtual servers?
Yes. SAFER Systems has implemented its own security architecture on top of AWS based on industry best practices including SANS Top 20 Controls for Internet Security, Consensus Audit Guidelines, NIST guidelines, and Internet standards.
Does AWS include identity and access management (IAM) capabilities?
AWS has a suite of identity and access management offerings, allowing SAFER Systems to manage user identities, assign security credentials, organize users in groups, and manage user permissions in a centralized way. This applies to internal access to the AWS environment only; AWS IAM is not used for customer user account management.
How does AWS protect against Distributed Denial of Service (DDoS) attacks?
The AWS network provides significant protection against traditional network security issues. See the Overview of AWS Security Practices Whitepaper for more information on this topic, including a discussion of DDoS.
Does AWS specify data durability?
SAFER One stores data in Amazon RDS and EFS, which provide a durable storage infrastructure. Every file system object (i.e. directory, file, and link) is redundantly stored across multiple Availability Zones. In addition, a file system can be accessed concurrently from all Availability Zones in the region where it is located, which allows SAFER One to replicate from one AZ to other AZs in the region to ensure the highest level of application availability. Mount targets themselves are designed to be highly available.
References:
- Overview of AWS Security Practices Whitepaper, March 2013
- AWS Risk and Compliance Whitepaper, January 2013