Thales Data Protection on Demand (DPoD) has been independently audited and holds FIPS 140-2 Level 3, ISO 27001 and SOC 2 Type 2 certifications.
The HSMs that back Thales Data Protection on Demand are FIPS 140-2 Level 3 certified.
Tenant Administrators can access only the data that belongs to their own tenant account. Tenant-specific details and metadata are protected at rest with volume encryption.
When an HSM On Demand instance is initialised, the service owner sets a password or passphrase for each of the two roles: the Security Officer (SO) and the Crypto Officer (CO).
Those two secrets feed a key-derivation scheme, and the HSM cannot unseal the tenant's cryptographic material without them; if they are lost, the material cannot be unsealed.
Only the Security Officer and Crypto Officer hold those secrets. Whether and with whom to share them is left to the discretion of those officers.
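The page does not specify how DPoD's derivation scheme works. The following is an added illustration, not Thales' code or its actual mechanism, of the property the passage describes: key material is sealed under a key-encryption key derived from both the SO and CO secrets, so that neither secret alone, nor a modified blob, can unseal it. The KDF (PBKDF2-HMAC-SHA256), its iteration count, the HMAC-counter keystream and the encrypt-then-MAC layout are all assumptions chosen so the example runs with the Python standard library only; the secrets and key material are constructed sample values.

```python
import hashlib
import hmac
import secrets

# Added illustration of a two-role unsealing scheme. This is NOT Thales' DPoD
# derivation scheme (the page does not describe it); the KDF, its parameters
# and the wrapping construction are assumptions for a stdlib-only example.

PBKDF2_ITERATIONS = 100_000  # assumption; tune for your platform


def derive_kek(so_secret: bytes, co_secret: bytes, salt: bytes) -> bytes:
    """Derive a 64-byte key-encryption key (KEK) from BOTH officer secrets.

    Each secret is length-prefixed before concatenation so that different
    splits of the same bytes (b"ab"+b"c" vs b"a"+b"bc") yield different keys.
    Neither role can reproduce the KEK on its own.
    """
    ikm = (len(so_secret).to_bytes(2, "big") + so_secret +
           len(co_secret).to_bytes(2, "big") + co_secret)
    return hashlib.pbkdf2_hmac("sha256", ikm, salt, PBKDF2_ITERATIONS, dklen=64)


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # HMAC-SHA256 run in counter mode as a PRF keystream (stdlib has no AES).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), "sha256").digest()
        counter += 1
    return out[:length]


def seal(material: bytes, so_secret: bytes, co_secret: bytes) -> bytes:
    """Wrap `material` so it can only be recovered with both secrets.

    Blob layout: salt(16) || nonce(16) || ciphertext || tag(32), encrypt-then-MAC.
    """
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    kek = derive_kek(so_secret, co_secret, salt)
    enc_key, mac_key = kek[:32], kek[32:]
    ct = bytes(p ^ k for p, k in zip(material, _keystream(enc_key, nonce, len(material))))
    tag = hmac.new(mac_key, salt + nonce + ct, "sha256").digest()
    return salt + nonce + ct + tag


def unseal(blob: bytes, so_secret: bytes, co_secret: bytes) -> bytes:
    """Recover the material; raise ValueError if a secret is wrong or the blob was altered."""
    if len(blob) < 16 + 16 + 32:
        raise ValueError("blob too short")
    salt, nonce, ct, tag = blob[:16], blob[16:32], blob[32:-32], blob[-32:]
    kek = derive_kek(so_secret, co_secret, salt)
    enc_key, mac_key = kek[:32], kek[32:]
    expected = hmac.new(mac_key, salt + nonce + ct, "sha256").digest()
    if not hmac.compare_digest(expected, tag):  # constant-time check before decrypting
        raise ValueError("unseal failed: wrong secret(s) or tampered blob")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def can_unseal(blob: bytes, so_secret: bytes, co_secret: bytes) -> bool:
    """True only when both secrets are right and the blob is intact."""
    try:
        unseal(blob, so_secret, co_secret)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    key_material = secrets.token_bytes(32)  # constructed stand-in for HSM key material
    so, co = b"so-passphrase-example", b"co-passphrase-example"  # constructed secrets
    blob = seal(key_material, so, co)
    assert unseal(blob, so, co) == key_material
    assert not can_unseal(blob, so, b"wrong")   # SO secret alone is not enough
    assert not can_unseal(blob, b"wrong", co)   # CO secret alone is not enough
    print("sealed blob of", len(blob), "bytes; unsealing requires both officer secrets")
```

The point to take from the example is the failure mode, not the construction: because the KEK exists only as a function of both secrets, a wrong or missing secret produces an authentication failure rather than garbage, and the service holding the sealed blob has nothing it can use to recover the material on the tenant's behalf.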
Within each point of presence (PoP), a layered network of routers and firewalls enforces network separation and protects the integrity and confidentiality of the data and of access to it.
Inside that network, internal firewalls segregate traffic between the application and database tiers, so that a compromise of one tier does not give direct access to the other, while preserving availability.
Thales applications undergo regular application and network penetration testing by third parties, and Thales Data Protection On Demand follows this practice. The assessment methodology includes structured review processes based on recognised 'best-in-class' practices as defined by methodologies such as ISECOM's Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP), the Web Application Security Consortium (WASC) and the ISO 27001:2013 information security standard.
The application security audit takes a grey-box approach. The following figure shows some of the attack vectors that are tested. Any issues found are resolved as part of the regular development cycle.
When a potential security incident is detected, authorised personnel initiate a defined incident management process. Corrective actions are implemented in accordance with documented policies and procedures.
Prior to the actual service update the following tasks are performed:
We conduct monthly reviews of all patches for servers and network equipment.
Yes. Thales operates a number of internal service controls within its ISO 27001 and SOC 2 scopes, including but not limited to: security of internal networks and information, technology-based controls, physical access and environmental controls, problem management, change management, separation of duties, and system software change management.
Physical security underpins any cloud-based service, so all data centres have 24-hour manned security, including foot patrols and perimeter inspections, with access controls that comply with industry best practices. The exact controls vary by data centre but can include proximity cards, biometrics, keys, PINs or a combination of these.
The data centres are equipped with video surveillance throughout each facility and its perimeter, and asset removal is tracked, so that equipment and the data held on it remain accounted for. The data centres also use current technologies to provide redundancy in connectivity, power, safety and security.
The private data centre is provided with multi-vendor and neutral-network connections to major Internet Service Providers (ISPs), and is located near major Internet hubs.
Network connections to the data centres use secure, high-capacity fibre links to minimise the turnaround time of authentication requests. All fibre connections enter the data centre buildings through secure concrete vaults.
The internal network infrastructure of the PoP is built upon a high speed fibre based network to ensure high-capacity throughput. This infrastructure uses multiple connections through highly secured network firewalls and routers to deliver full redundancy, as well as optimal traffic delivery.
Power is delivered to the data centres through an underground utility feed, supplemented and backed up by redundant (N+1) on-site diesel generators with local fuel storage.
Power is delivered into the rooms through redundant (N+1) CPS/UPS systems and to the PoP equipment racks through redundant power distribution units (PDUs), so that the supply to the PoP equipment is continuous.
Within the cloud, Thales relies on snapshots to keep copies of the storage volumes associated with the application instances.
Snapshots are taken frequently and old snapshots are deleted on a regular schedule. Database backups are managed using the relational database's own backup facilities. Application logs are kept online and securely stored for a defined period. Retention periods follow the compliance requirements of the region in which the data is stored.
A service-wide restoration test is performed annually. For this test, a tape is recalled from off-site storage and the data is restored to a test environment.
Yes. Thales maintains a formal Disaster Recovery plan, which is reviewed and tested annually. Any issues identified during the test are formally discussed and remediation plans are put in place. In addition, Thales has a formal Business Continuity plan, which is reviewed annually to determine whether updates are required. Procedures for handling minor processing errors and outages are documented.