BitCloud Security Overview
The BitCloud system was designed from the beginning with a focus on security. This security focus continues today and in fact limits to some degree the list of products and features we offer. We continue to put security ahead of functionality.
Unlike commodity cloud providers, BitCloud uses VMware Enterprise virtualisation to power our cloud systems. VMware is widely recognised as the most secure virtualisation software in the world, more than 500,000 customers - including all of the Fortune Global 100 as well as military and government installations - trust VMware to virtualize their mission-critical applications.
In addition to the inherent security features within VMware, BitCloud has further enhanced it's security buy not allowing any customer to directly access the VMware systems, all interactions occur through our custom built management interface which in turn talks to the VMware sub-systems.
Numerous other steps have been taken to maximise security within our environment. These are aimed at both external intrusions as well as internally initiated attacks. In order to protect our customers, we need to treat each one as a potential threat.
Wherever possible, BitCloud systems as well as all customer systems are connected into our infrastructure using dedicated VLANs, with individual firewalls and access rules. User access is restricted to secured VPNs and strict password and authentication rules are enforced.
All critical BitCloud systems require 2 factor authentication, is strictly limited to senior engineers only and all access is securely logged.
A number of separate Intrusion Detection Systems are used at various levels to identify suspicious activity and alert where needed.
At BitCloud we take into consideration confidentiality, integrity and availability of the services by placing the strict controls at logical, technical, physical and human resource level.
Stored data is another vital component that requires significant attention to ensure appropriate security. Some of the basic steps taken for all our systems are:
- Primary server data is stored on Enterprise Grade SANs
- All storage devices are located in fully secure, Tier 3+ datacentres
- All physical access to devices is monitored and recorded
- Only internal BitCloud staff are allowed physical or admin level access
Further features available to customers at extra cost are:
- Local backups to physically separated storage devices
- Off-site backups to geographically separated regions
- Encryption of virtual disk images
- Full segregation of storage, dedicated SANs and networks
Data ownership and jurisdiction
All BitCloud systems are physically located in Australia and are owned or leased by us directly, we do not store customer data on any foreign owned infrastructure. This includes all backups and DR systems. Only internal BitCloud staff are allowed physical or admin level access to customer data.
Customers retain full ownership and rights to all data stored in BitCloud systems, BitCloud will act as a Data Custodian only. Customers can retrieve any data held on their behalf as per the standard BitCloud terms and conditions.
Business failure/administration scenario
Whilst we have no intention of ceasing to operate at any stage, we understand the requirement for businesses to protect themselves in all scenarios. We therefore offer a number of extra cost options that allows customers to maintain copies of their data. These include:
- daily/weekly backups of hosted systems across internet link back into customer premises
- monthly backups saved to removable USB disks and couriered to customer
- regular backups uploaded to storage provided by an independent supplier