Physical Security
Physical Data Centre security measures can include keyed or electronic locks on your Edge and Modular DC enclosure, through to bollards, fencing, simple removal of any signage and other identifiable labels.
Logical Security
Also called Data Security, it can include application and network access restrictions through use of usernames and passwords.
Device Signing
Data Protection measures should include
EACS
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
CCTV
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
Data Encryption
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
HSM Solutions
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
Key Management
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
PKI
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
Network Link Encryption
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
Backup & Archive
Maintaining regular backups and archives of your critical business data delivers a valuable form of data protection, particularly when using Hybrid Storage solutions which include off-site disconnected data replication.
Virus Protection
Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.
Offsite Data Replication
Replicating and/or backing up data to an off-site, secure and disconnected data repository helps protect against data loss from both physical loss, system failure and cyberattack.
Encryption at Rest
Ensuring your data is encrypted while stored on disk (and tape if used) helps protect against unauthorised physical and logical access. Using transparent data encryption can also limit access to sensitive data by system level administrators.
Asset Management
Servers, data storage and backup devices can all contain sensitive corporate data.
Knowing where each of these devices are physically located, when they were decommissioned, and how data has been removed or destroyed on the device brings Asset Management into the Security Strategy.
Featured
Security Platforms
nCipher nShield HSM Solutions
nCipher Security’s nShield Hardware Security Modules (HSMs) are hardened, tamper-resistant devices that protect your company’s most sensitive data. These FIPS 140-2 certified modules perform cryptographic functions such as generating, managing and storing encryption and signing keys, as well as executing sensitive functions within their protected boundaries.nShield HSMs help you to:
- Achieve higher levels of data security and trust
- Meet and exceed important regulatory standards
- Maintain high service levels and business agility
Which nShield models are available?
- nShield Connect – network attached appliances
- nShield Edge – portable USB-based modules
- nShield Solo – PCIe cards for embedding in appliances or servers
Certification to Industry Standards
The complete list of compliance standards are available from nCipher, while the a partial list of compliance standards include:
FIPS 140-2
Recognized globally, FIPS 140-2 is a U.S. government NIST standard that validates the security robustness of cryptographic modules. All nCipher nShield HSMs are certified to FIPS 140-2 Level 2 and Level 3 and are available for purchase at either level.
Common Criteria and EIDAS Compliance
nShield Solo+ and Connect+ models are certified to Common Criteria (EAL) 4+ and are also recognized as qualified signature creation devices (QSCDs). As QSCDs, nShield HSMs are qualified to serve as the security backbone of European digital signature (eIDAS) and other globally recognized solutions including authentication services, digital signing and time stamping.
nShield as a Service
nShield as a Service is a subscription-based solution for generating, accessing and protecting cryptographic key material, separately from sensitive data, using dedicated FIPS 140-2 Level 3 certified nShield Connect HSMs.
The solution delivers the same features and functionality as on-premise HSMs combined with the benefits of a cloud service deployment. This allows customers to fulfill their cloud objectives and leave the maintenance of these appliances to nCipher and its Partners.
nShield Remote Administration
nShield HSMs often run in physically secure, lights-out data centres in locations distant from the people who manage them. These data centres can be Edge, Modular and Colocation facilities.
Many organisations find it impractical to physically access their remote HSMs for routine management tasks.
nShield Remote Administration lets you manage your HSMs—including adding applications, upgrading firmware, checking status, and more—from your office location, whenever you choose. This means less travel to data centres, helping you cut costs and optimise your resources.
nShield Family
Download the nShield Family Brochure.
nShield as a Service
Download the nShield as a Service Brochure.
IoT
IoT Device Security using HSM.
New Vehicle Threats
Securing the Connected Vehicle.
Data Management, Backup, & Recovery
Designed to enable fast, secure data storage in remote sites, the Oper8 CloudBox solution can include an on-premise CloudNAS (at the Edge, Office, or colocation site) with automated off-site data replication.
High Level Overview
The CloudNAS can be a phsical or virtual appliance ranging in capacity from 2TB to over 32TB (physical) and over 500TB (virtual).
The CloudNAS is located on the local network, with a path to Oper8’s own cloud storage platform. Traffic between the CloudNAS and Oper8 cloud storage is encrypted.
The CloudNAS performs in the same manner as a standard NAS with network shares and user permissions limiting data sharing and access.
Both the CloudNAS and Oper8’s Cloud Storage performs real-time data deduplication and features encryption-at-rest.
Backup and replication of the CloudNAS is automatic with flexible scheduling from hours to days.
Could I deploy a CloudNAS in an EDGE Data Centre
Yes, the CloudNAS can deliver secure, large data storage capacity in the Edge facility, with access controls, automated off-site replication to Oper8 Cloud Storage, and real-time logging and operations alerts.
Do I always need a local CloudNAS?
No, Oper8 CloudBox server and workstation clients are available for Windows, Mac and Linux operating systems.
Each backup agent can connect separately to the Oper8 CloudBox portal.
How much Bandwidth is required?
Oper8 has successfully deployed 2TB CloudNAS devices on-premise for clients with limited ADSL bandwidth (only 1Mpbs upstream).
Other solutions have been deployed with 20TB CloudNAS solutions sharing a 15Mbps upstream internet connection.
All CloudNAS editions have bandwidth throttling with either permanent or time of day scheduling.
CloudBox
You get the power and convenience of the cloud without sacrificing security or control.
Making Data Management, Backup, and Recovery Easy.
Our managed local private cloud solution gives you the best of both worlds: the ability to access your data from anywhere, on any device, while keeping your data safe and secure. With CloudBox, you’ll never have to worry about losing important data again.
Networks, VPNs & Secure Connectivity
Maintaining secure networking and connectivity between your Edge, HPC, Modular, IoT and Hybrid Cloud solutions must maintain the highest levels of security without impeding service delivery.