UPSOL CLOUD SECURITY STANDARDS

UpSol understands that confidentiality, integrity, and availability of our customers’ critical data is vital to their business operations. We appreciate and don’t take for granted the trust our customers have put in us.

With our Enterprise Grade Cloud Operations, our driving purpose is to ensure we deliver to and exceed your expectations. Because of this commitment to excellence, we take standards and procedures very seriously as a cloud-based Software-as-a-Service (SaaS) provider. UpSol’s data centers provide best-in-class, cloud-delivered security, with superior infrastructure security speed, and integrity, strict standards, true multi-tenant service, high resiliency, and scalability. UpSol partners with Amazon Web Services (AWS), the undisputed Cloud Infrastructure as a Service leader, which provides the ability to scale and innovate with customers as their needs grow and evolve.

ISO 27001:2013 CERTIFICATION FOR INFORMATION SECURITY MANAGEMENT SYSTEMS

UpSol have received certification for the ISO 27001:2013 Information Security Management System. This certification was completed by Compass Assurance Services and ensures that the company has established a formal set of policies, procedures, processes, and systems that manage information risks for the receipt, transformation, storage and processing of electronic documents and data in the UpSol cloud environment according to the associated statement of applicability.

SHARED SECURITY RESPONSIBILITY: INFRASTRUCTURE STANDARDS AND PROCEDURES

UpSol maintains the following standards procedures in relation to the infrastructure that provides its services:

  • ISO 27001:2013 certified information security management system, standards and guidelines.
  • Segmented and secure virtual private cloud (VPC) networks
  • Highly restricted, role-based access to production EC2 environments governed by the least privilege principle
  • Hardened EC2 instance images
  • Mirrored infrastructure across two Australian-Based availability zones
  • Backups taken daily with an archive of 30 daily backups and 3 monthly backups.
  • Firewalls configured to “default deny”
  • High availability built-in via load balancers
  • Unlimited, secure storage capacity with S3
  • Continuous monitoring of all components, sub-components, and internal/external/front-end/back-end applications to assist infrastructure and service integrity
Infrastructure Redundancy

UpSol’s AWS primary data centers provide global average uptime of >99.9999%. That means each of the data centers typically experience outages totaling less than 5 minutes and 15 seconds over the course of a year.
To ensure availability, all UpSol infrastructures deploy a minimum of N+1 redundancy, meaning every mission-critical component has at least one backup.

AWS/Data Center Network Security

At UpSol, we are firm believers in the defense in depth strategy. Our Amazon infrastructure is protected by several layers of network-based security controls including host-based firewalls, intrusion detection systems, load balancers, and virtual firewall technology such as AWS Security Groups.
Encryption is utilized to protect data in transit, including TLS/SSL encryption over HTTPS connections utilised for secure communications between FileBound and customer end users. Authorised IT engineers access production network equipment and data stored remotely, via secure two-factor authentication enabled SSL VPN tunnels.

For more information about UpSol’s ISO 27001:2013 certification or any other aspect of our cloud platform please contact sales@upsol.com.au.