Forward-thinking Cloud provider delivering continued trust to customers

Nothing is more important to us than ensuring our customers’ continued trust.

We are committed to delivering the most reliable risk management platform-as-a-service built from the ground up that provides our customers:

 

Total fault-tolerant cloud
infrastructure to ensure >
99.97% uptime.

Comprehensive DDoS
mitigation with security
controls for web services,
and networks.

IT General Controls (ITGC)
to maintain effective
system and organizations
controls (SOC).

Business Continuity
Management with Recovery time objective and recovery point objective support options.

Continuously monitored
Intrusion Detection and
Prevention (IDS/IPS).

Advanced data protection
controls to comply with the
highest industry standards.

Scalable infrastructure that can
scale up to meet increased
workloads with load-balancing
architecture.

SafePaaS Cloud Hosting Options

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of
customers – including the fastest-growing startups, largest enterprises, and leading government agencies – are using AWS to lower costs, become more agile, and innovate faster.

SafePaaS customers have the option to host on Amazon Elastic Compute Cloud (Amazon EC2) to obtain and configure capacity with minimal friction.

Amazon EC2 offers the broadest and deepest compute platform with choice of processor, storage, networking, operating system, and purchase model. EC2 offers the fastest processors in the cloud with 400 Gbps ethernet networking.

 

 

Secure Data
Secure Data

Oracle cloud Infrastructure (OCI) delivers on-premise, high-performance computing power to run cloud-native and enterprise companies’ IT workloads. SafePaaS customers may choose OCI to “provide real-time elasticity for enterprise applications by combining Oracle’s autonomous services, integrated security, and serverless compute”.

Oracle Cloud Infrastructure provides secure, elastic, compute capacity in the cloud that ranges from virtual machines and bare metal servers to HPC,GPU, container orchestration, and management. Available on demand, compute instances provide developers with on demand, compute instances provide developers with the foundation and scalability required for enterprise workloads spanning from the traditional back office to  modern cloud-native applications.

Microsoft Azure cloud platform is more than 200 products and cloud services designed to help you bring new solutions to life – to solve today’s challenges and create the future.

SafePaaS customers have the option to procure Azure Virtual Machines that offer a combination of vCPUs, memory, and temporary storage able to meet the requirements associated with most production workloads.

The Dv3 virtual machines are hyper-threaded general-purpose VMs based on the 2.3 GHz Intel® XEON® E5-2673 v4 (Broadwell) processor. They can achieve 3.5 GHz with Intel® Turbo Boost Technology 2.0 The D v4 and Dd v4 virtual machines are based on a custom Intel® Xeon® Platinum 8272CL processor, which runs at a base speed of 2.5Ghz and can achieve up to 3.4Ghz all core turbo frequency. The Dd v4 virtual machine sizes features fast, large local SSD storage (up to 2,400 GiB) and are well suited for applications that benefit from low latency, high-speed local storage. The D v4 and Das v4 Azure VM-series provide up to 96 vCPU, 384 GiB of RAM and 2,400 GiBs of SSD-based temporary storage and feature the AMD EPYC 7452 processor.

Cloud hosting
Data center

Databank provides SafePaaS customers access to 65colocation data centers throughout the United States and the United Kingdom
on the latest Certified TIER III Data Center facility at the best value.

SafePaaS Cloud at the databank facility in Texas covers 144,000 SF to provide over 72,000 SF of raised floor space for build-to-suit client deployments. The facility offers network availability to multiple dark fiber providers with redundant backbone
connectivity, public cloud on-ramps, access to Peering Fabrics, and blended-bandwidth solutions to meet any business requrements.

The utility feeds provide more than 40MW of power, and the total footprint of the facility can be expanded to 265,000SF. Security measured include full perimeter fencing, round-the-clock on-site security personnel and dual-factor authentication (card and biometric) on exterior entry and all data centre entrances.

Continuously Monitored Cybersecurity

SafePaaS Cloud is continuously monitored against cyber threats which include both the perimeter and core security devices to make sure that the platform is safe and compliance requirements are met.

This robust monitoring service supports the cybersecurity industry best practices and data protection guidelines for regulatory compliance frameworks such as NIST, ISO 27001, GLBA, FFIEC, HIPAA, PCI DSS, NYDFS, GDPR, CCPA, and many others. All Firewall configurations and traffic is managed by expert security analysts that handle timely updates, configurations, and patches.

24×7 monitoring from an independent SSAE 16 Type II audited Security Operations Centers (SOCs).

Online portal provides comprehensive reports on all firewall activity and makes compliance easy with out-of the-box reports.

Protect your network from malicious attacks without sacrificing network uptime, which is critical in keeping business operations running smoothly.

Fault-Tolerant Cloud Infrastructure

SafePaaS cloud computing architecture is built on cloud technology infrastructure that has the capability of delivering uninterrupted service, despite one or more of its components failing. This fault-tolerant platform is also able to resolve potential service interruptions related to database errors. All software services run on the platform with complete failover to hot standby to prevent catastrophic failure by eliminating any single point of failure. The platform is designed to compensate for multiple failures. The underlying systems automatically detect a failure of the computer processor unit, I/O subsystem, memory cards, motherboard, power supply or network components. The failure point is identified, and a backup component or procedure immediately takes its place with no loss of service.

At a hardware level, fault tolerance is achieved by duplexing each hardware component. Disks are maintained in mirrored and RAID (Redundant Array of Independent Disk) configurations. Leading-edge multi-processor architecture drives demanding workloads with scalable VDI deployments and persistent memory. When an anomaly occurs, the faulty component is determined and taken out of service, but the machine continues to function as usual.

All platform services are restored instantaneously following a service outage, and a high-availability environment is backed by financial guarantees to strive for five nines of operational service with a 99.973% uptime assurance guaranteed in the server-level agreement (SLA). Aside from the hardware, the fault-tolerant architecture, customer data is regularly backed up on an automated schedule at a secondary or alternate location. Security controls are enforced on all backup data to prevent unauthorized access

Our Security Information and Event Management (SIEM) intelligence correlates security events across the entire network and alerts our analysts of any suspicious activity. Our analysts then utilize advanced techniques to investigate suspicious activity and take immediate action to prevent attacks from occurring. Also, our experts correlate all security events across our customer base, so we can identify and respond to emerging threats.

Web Application Firewall (WAF) service protects SafePaaS cloud applications from attack by monitoring input, output, and access attempts, and blocking any malicious activity. When attacks are detected, the Web Application Firewall alerts analysts in our Security Operations Centers (SOCs) immediately block the originating IP address. Managed Detection and Response (MDR) security devices like unified threat management, active directory, domain name servers, and endpoints are configured to send security events to SafePaaS cybersecurity partners for proprietary threat detection platform enhancing vulnerability management. Our cybersecurity experts monitor and manage all network devices giving us early visibility into threats and performing necessary remediation. Data is correlated and compared across all feeds improving security. Our analysts provide active response and remediation to in resolving issues.

Advanced Data Protection Controls

SafePaaS utilizes some of the most advanced technology for internet security available today. When you access our site using a supported web browser, Secure Socket Layer (SSL) technology protects your information using both server authentication and data encryption. When you log in, you will see a small lock icon at the bottom of your browser display, indicating that a secure connection has been established to our server. SafePaaS does not use any session “cookie” to ensure that the username, password of the user, or any other confidential user and session information is not exposed. SafePaaS offers advanced security methods based on dynamic data and encoded session IDs.

Customers have the option to mask sensitive data using one-way hashing to store deletion records of personally identifiable information in SafePaaS database. Incoming records are verified against the hashes to ensure records have not been previously removed for a privacy compliance request. Customers can configure and apply data governance policies to SafePaaS metadata that meet their business needs. Standard and custom objects and fields are supported. Data Governance also supports changing data policies to service approved workflow requests and an audit trail is maintained. Customers with large numbers of B2B or B2C transactions can mitigate the risk of privacy regulation violations by applying data governance policies in SafePaaS.

 

For example, customers operating in the European Union and the State of California can comply with
GDPR and CCPA, by enabling advanced data governance principles such as the ‘Right to be
Forgotten’. Secure hashing algorithms ensure that the data is non-recoverable abstraction of deleted
personal data, and verifies incoming records against these hashes. DataProbeETL™ snapshots ensure that
masked, scrambled, or encrypted object attributes prevent data privacy violations. SafePaaS workflows
can also customize the business process to unique data protection needs. ProcessPaaS™, workflow,
and rules logic allow SafePaaS administrators to delete data, or restrict permissions to your authorized
users based on role-based access controls (RBAC). SafePaaS provides customers the option to enable
data residency controls so that some or all the data is stored in a geographical location of their choice
to comply with regulatory or policy reasons.

We provide our customers independent assessment of IT General Controls and comply with SOC1 and SOC2 frameworks. SafePaaS ensures that effective IT general controls are maintained across our multitenant, metadata-driven cloud platform as we deliver cloud services with seamless, automatic release updates, delivered in real time, with no downtime.  Our workflow enabled software development life cycle (SDLC) process ensure that effective controls are maintained over enterprise systems.

SafePaaS customers have the flexibility to adjust the cloud resources consumed to discover, monitor and prevent risk based on business needs. SafePaaS usage dashboard helps customers manage risk cloud services utilization by adjusting infrastructure resources without compromising performance or user experience.  

SafePaaS Cloud’s serverless platform provides managed computed based on monitored users, data-sources, and meta-data snapshot frequency so you pay only for what you use.

SafePaaS usage dashboards provides metrics across risk management applications and data transfers, to help customers make data-driven scaling decisions.

SafePaaS maintains a disaster recovery plan that supports a robust business continuity strategy for the production services and platforms. This plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering. The Business Continuity plan is constantly measured against strict regulatory and governance requirements and is a crucial part of the acceptance plan when making changes or additions to the production environment to ensure compliance with Recovery Time Objective (RTO) and Recovery Point Objective (RPO) support options.

SafePaaS customers have the option to add a second site, SafeSwap™ to maintain the cloud services in two geographically separate locations. An instance is actively served from one location with transactions replicating in near real-time to the other completely redundant location (the SafeSwap). SafeSwap swaps the locations of an instance’s active and ready sites are swapped, making the ready site the new active site and vice versa — the instance name does not change. This infrastructure model allows us to switch the location of the active site for maintenance, compliance, and disaster recovery purposes.