DPOD

Cloud Platform Security Knowledge Base


Free Evaluation

How is my data protected?

What certifications does Thales Data Protection on Demand have?

Thales Data Protection on Demand (DPoD) has been independently audited and received certifications for FIPS 140-2 Level 3, ISO 27001 and SOC Type 2.

Does Thales Data Protection on Demand (DPoD) have a FIPS certification?

The HSMs used for Thales Data Protection on Demand are FIPS 140-2 Level 3 certified.

Security

How is my data protected?

How do you separate 'my data' from other customers’ data?

Tenant Administrators have access only to the data that belongs to their account. Tenant specific details and/or metadata are protected at rest using volume encryption.

Does Thales, my Service Provider, or anyone else have access to my encryption keys stored in a Luna Cloud HSM services?

When the HSM On Demand instance is initialised, the service owner creates passwords or phrases for both the Security Officer and Crypto Officer roles.

Those secrets are used in a derivation scheme and are required to allow the HSM to unseal the cryptographic material.

Only the Security Officer/Crypto Officer are in possession of those secrets. It is left to the discretion of those officers to share the credentials as needed.

How strong is your encryption and data integrity?

Tenant specific details and/or metadata are protected at rest using volume encryption.

Within each PoP, a sophisticated network of routers and firewalls ensures network separation, integrity and confidentiality of the data and access to that data.

Within the network itself, internal firewalls segregate traffic between the application and database tiers to ensure confidentiality and integrity, as well as deliver a high level of availability.

Service penetration testing

Does Thales Data Protection on Demand undergo regular application and network penetration testing?

Thales applications undergo regular application and network penetration testing by third parties, and Thales Data Protection On Demand adheres to this practice. The assessment methodology will include structured review processes based on recognised 'best-in-class' practices as defined by such methodologies as the ISECOM’s Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP), Web Application Security Consortium (WASC) and ISO 27001:2013 Information Security Standard.

A grey-box approach of the application security audit is adopted for the purpose of the audit. The following figure shows some of the security attack vectors that are being tested. Any issues found are resolved as part of the regular development cycle.

services

Vulnerability Manager

Can you show evidence of your vulnerability management programme?

Thales software applications undergo regular application and network penetration testing by third parties.

The assessment methodology includes review processes based on recognised 'best-in-class' practices as defined by such methodologies as the ISECOM's Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP), Web Application Security Consortium (WASC) and ISO 27001:2013 Information Security Standard.

What is your vulnerability remediation process?

When a potential security incident is detected, a defined incident management process is initiated by authorised personnel. Corrective actions are implemented in accordance with defined policies and procedures.

Prior to the actual service update the following tasks are performed:

  • Provisioning testing: This is done on the updated service in a controlled environment and done by the Thales Service Operations team. With the conclusion of these tests the code has passed 3 rounds of testing successfully, each done by a different group: Unit testing done by the developer, Sprint Code Testing done by the QA group and Service Update Provisioning Testing done by Service operations.
  • A Planned Release Notification (PRN) is sent to all existing customers notifying them on the scope of the update and planned date of actual service update.
  • Penetration testing: Penetration testing is done on a dedicated non-production system, but runs in the same environment as the operational service.
  • At the final stage, all data is backed up from the operational service, which allows Thales to rollback immediately in case of any unexpected challenges.

How often do you scan for vulnerabilities on your network and applications?

We conduct monthly reviews of all patches for servers and network equipment.

Thales internal controls and procedures

Does Thales perform a number of internal service controls?

Yes, Thales performs a number on internal service controls in line with our ISO27001 and SOC2 scopes including but not limited to: security of internal networks and information, technology-based controls, physical access & environmental controls, problem management, change management, separation of duties, system software change management.

Resilience / availability

Data centre physical security

What does the Data Centre Physical Security entail?

Physical security underpins any cloud-based service, so all data centres have 24-hour manned security, including foot patrols and perimeter inspections with access controls complying with industry best practices. This may vary based on the data centre but can include proximity, biometric, key, PIN or a combination of any of those controls listed.

The data centres are fully equipped with video surveillance throughout each facility and their perimeters with tracking of asset removal, ensuring that equipment and security of data held within that equipment is assured. The data centres also utilise state of the art technologies ensuring redundancies in connectivity, power, safety and security.

What are the physical security features of the Thales Data Protection on Demand (DPoD) service?

  • Video surveillance cameras are in place throughout each facility
  • 24x7 manned protection — no unsecured access to the data centre
  • Multi-factor authentication is used at all times for entrance to the data centre

Network resilience

How does Thales retain the ability to select the most resilient network at any time?

The private data centre is provided with multi-vendor and neutral-network connections to major Internet Service Providers (ISPs), and is located near major Internet hubs.

How are network connections to the data centres provided?

Network connections to the data centres are provided using secure links with high-capacity bandwidth over fibre connections to ensure minimum latency of authentication requests turn-around. All fibre-based connections enter the data centre buildings via secure concrete vaults.

What is the internal network infrastructure of the PoP built upon?

The internal network infrastructure of the PoP is built upon a high speed fibre based network to ensure high-capacity throughput. This infrastructure uses multiple connections through highly secured network firewalls and routers to deliver full redundancy, as well as optimal traffic delivery.

What are the network security features of Thales Data Protection on Demand Service PoPs?

  • Data centres are network carrier neutral
  • Multiple fibre channels at each data centre
  • Use of multiple Internet Service Providers to ensure continuous and high-bandwidth Internet ac

Power supply redundancy

How is power delivered to the data centres?

Power is delivered to the data centres using an underground utility power feed, which is then supplemented and backed up by on-site redundant (N+1) diesel generators with local diesel fuel storage.

Power is delivered into the rooms via redundant (N+1) CPS/UPS systems to ensure ongoing supply, with power delivered to the PoP equipment racks using redundant power distribution units (PDUs). This ensures continuous and high-bandwidth Internet access.

Data backup and recovery

What does Thales rely on to keep copies of storage volumes?

Within the cloud, Thales relies on snapshots to keep copies of storage volumes associated with the application instances.

Snapshots are taken and deleted often. Database backups are managed using relational database backups. Application logs are kept online and securely stored for a determined period of time. Data is kept for a period of time that is related to the relative compliance specific to the region where the data is being stored.

How often are service wide restoration tests performed?

A service wide restoration test is performed annually. For this test, a tape is recalled from off-site storage and the data is restored to a test environment.

Does Thales have a disaster recovery plan?

Yes. Thales deploys a formal Disaster Recovery plan. The plan is maintained and tested on an annual basis. Any issues identified during the test are formally discussed and remediation plans are put in place. In addition, Thales has a formal Business Continuity plan, which is reviewed annually to determine if updates are required. Procedures to address minor processing errors and outages are documented.