Secure, reliable, highly-available platform - SafePaaS

Secure, reliable, highly-available platform

Secure risk management platform

Nothing is more important to us than ensuring our customers' continued trust.  

We are committed to delivering the most reliable risk management platform-as-a-service built from the ground up that provides our customers:

Leading Cloud platforms including Amazon AWS, Oracle Cloud Infrastructure (OCI) , Microsoft Azure and Databank Certified TIER III.

Total fault-tolerant cloud infrastructure to ensure > 99.97% uptime. 

Continuously monitored Intrusion Detection and Prevention (IDS/IPS).

Comprehensive DDoS mitigation with security controls for web services, and networks ensuring the performance of legitimate traffic is not compromised.

Advanced data protection controls to comply with the highest industry standards.  

IT General Controls (ITGC) to maintain effective system and organizations controls (SOC).

Scalable infrastructure that can scale up to meet increased workloads with load balancing architecture. 

Business Continuity Management with Recovery time objective (RTO) and recovery point objective (RPO) support options.

SafePaaS Cloud Hosting Options

Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform, offering over 175 fully featured services from data centers globally. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—are using AWS to lower costs, become more agile, and innovate faster.

SafePaaS customers have the option to host on Amazon Elastic Compute Cloud (Amazon EC2) to obtain and configure capacity with minimal friction. 

Amazon EC2 offers the broadest and deepest compute platform with choice of processor, storage, networking, operating system, and purchase model. EC2 offers the fastest processors in the cloud with 400 Gbps ethernet networking. 

Oracle Cloud Infrastructure (OCI) is an IaaS that delivers on-premise, high-performance computing power to run cloud native and enterprise company's IT workloads. SafePaaS customers may choose OCI to "provide real-time elasticity for enterprise applications by combining Oracle's autonomous services, integrated security, and serverless compute."

Oracle Cloud Infrastructure provides secure, elastic, compute capacity in the cloud that ranges from virtual machines and bare metal servers to HPC, GPU, container orchestration, and management. Available on-demand, compute instances provide developers with the foundation and scalability required for enterprise workloads spanning from traditional back office to modern cloud native applications.

Microsoft Azure cloud platform is more than 200 products and cloud services designed to help you bring new solutions to life—to solve today’s challenges and create the future.

SafePaaS customers have the options to procure Azure Virtual Machines that offer a combination of vCPUs, memory, and temporary storage able to meet the requirements associated with most production workloads.

The D v3 virtual machines are hyper-threaded general-purpose VMs based on the 2.3 GHz Intel® XEON ® E5-2673 v4 (Broadwell) processor. They can achieve 3.5 GHz with Intel Turbo Boost Technology 2.0.

The D v4 and Dd v4 virtual machines are based on a custom Intel® Xeon® Platinum 8272CL processor, which runs at a base speed of 2.5Ghz and can achieve up to 3.4Ghz all core turbo frequency. The Dd v4 virtual machine sizes feature fast, large local SSD storage (up to 2,400 GiB) and are well suited for applications that benefit from low latency, high-speed local storage. The D v4 virtual machine sizes do not have any temporary storage.

The Da v4 and Das v4 Azure VM-series provide up to 96 vCPUs, 384 GiBs of RAM and 2,400 GiBs of SSD-based temporary storage and feature the AMD EPYC™ 7452 processor.

Databank provides SafePaaS customers access to 65 colocation data canters throughout the United States and United Kingdom on the latest Certified TIER III Data Center facility at the best value. SafePaaS Cloud at databank facility in Texas covers 144,000SF to provide over 72,000SF of raised-floor space for build-to-suit client deployments. The facility offers network availability to multiple dark fiber providers with redundant backbone connectivity, public cloud on-ramps, access to Peering Fabrics and blended-bandwidth solutions to meet any business requirement.

The utility feeds provide more than 40MW of power, and the total footprint of the facility can be expanded to 265,000SF. Security measures include full perimeter fencing, round-the-clock on-site security personnel and dual-factor authentication (card and biometric) on exterior entry and all data centre entrances.

Fault Tolerant Cloud Infrastructure

SafePaaS cloud computing architecture is built on cloud technology infrastructure that has the capability of delivering uninterrupted service, despite one or more of its components failing. This fault tolerant platform is also able to resolve potential service interruptions related to database errors. All software services run on the platform with complete failover to hot standby to prevent catastrophic failure by eliminating any single point of failure.

The platform is designed to compensate for multiple failures. The underlying systems automatically detect a failure of the computer processor unit, I/O subsystem, memory cards, motherboard, power supply or network components. The failure point is identified, and a backup component or procedure immediately takes its place with no loss of service.

At a hardware level, fault tolerance is achieved by duplexing each hardware component. Disks are maintained in mirrored and RAID (Redundant Array of Independent Disk) configurations. Leading edge multi-processors architecture drive demanding workloads with scalable VDI deployments and persistent memory.  When an anomaly occurs, the faulty component is determined and taken out of service, but the machine continues to function as usual.

All platform services are restored instantaneously following a service outage, and high-availability environment is backed by financial guarantees to strive for five nines of operational service with a 99.973% uptime assurance guaranteed in the server level agreement (SLA).

Aside from hardware, the fault-tolerant architecture, customer data is regularly backed up on an automated schedule at a secondary or alternate location. Security controls are enforced on all backup data to prevent unauthorized access.   

Continuously Monitored Cybersecurity

SafePaaS Cloud is continuously monitored against cyberthreats which includes both the perimeter and core security devices to make sure that the platform is safe and compliance requirements are met.

This robust monitoring service supports the cybersecurity industry best practices and data protection guidelines for regulatory compliance frameworks such as NIST, ISO 27001, GLBA, FFIEC, HIPAA, PCI DSS, NYDFS, GDPR, CCPA and many others.

All Firewall configurations and traffic is managed by expert security analysts that handle timely updates, configurations, and patches.

• 24x7 monitoring from an independent SSAE 16 Type II audited Security Operations Centers (SOCs).

• Online portal provides comprehensive reports on all firewall activity and makes compliance easy with out-of-the-box reports.

• Protect your network from malicious attacks without sacrificing network uptime, which is critical in keeping business operations running smoothly.

Our Security Information and Event Management (SIEM) intelligence correlates security events across the entire network and alerts our analysts of any suspicious activity. Our analysts then utilize advanced techniques to investigate suspicious activity and take immediate action to prevent attacks from occurring. Also, our experts correlate all security events across our customer base, we can identify and respond to emerging threats.

Web Application Firewall (WAF) service protects SafePaaS cloud applications from attack by monitoring input, output, and access attempts, and blocking any malicious activity. When attacks are detected, the Web Application Firewall alerts analysts in our Security Operations Centers (SOCs) immediately block the originating IP address.

Managed Detection and Response (MDR) security devices like unified threat management, active directory, domain name servers, and endpoints are configured to send security events to SafePaaS cybersecurity partner for proprietary threat detection platform enhancing vulnerability management.

Our cybersecurity experts monitor and manage all network devices giving us early visibility into threats and performing necessary remediation.  Data is correlated and compared across all feeds improving security.   Our analysts provide active response and remediation to in resolving issues.

Advanced Data Protection Controls

SafePaaS utilizes some of the most advanced technology for internet security available today. When you access our site using a supported web browser, Secure Socket Layer (SSL) technology protects your information using both server authentication and data encryption. When you log in, you will see a small lock icon at the bottom of your browser display, indicating that a secure connection has been established to our server.

SafePaaS does not use any session "cookie" to ensure that the username, password of the user, or any other confidential user and session information is not exposed.  SafePaaS offers advanced security methods based on dynamic data and encoded session IDs.

Customers have the option to mask sensitive data using one-way hashing to store deletion records of personally identifiable information in SafePaaS database.  Incoming records are verified against the hashes to ensure records have not been previously removed for a privacy compliance request. Customers can configure and apply data governance policies to SafePaaS metadata that meet their business needs. Standard and custom objects and fields are supported.  Data Governance also supports changing data policies to service approved workflow requests and an audit trail is maintained.

Customers with large numbers of B2B or B2C transaction can mitigate the risk of privacy regulation violations by applying data governance polices in SafePaaS. For example, customers operating in the European Union and State of California  can comply with GDPR and CCPA, by enabling advanced data governance principles such as the ‘Right to be Forgotten'.  Secure hashing algorithms ensure that the data is non-recoverable abstraction of deleted personal data, and verifies incoming records against these hashes.  DataProbe™ snapshots ensure that masked, scrambled or encrypted object attributes prevent data privacy violations.

SafePaaS workflows can also customize the business process to unique data protection needs. ProcessPaaS™, workflow, and rules logic, allow SafePaaS administrators to delete data, or restrict permissions to your authorized users base on role based access controls (RBAC).

SafePaaS provides customers the option to enable data residency controls so that some or all the data is stored in a geographical location of their choice to comply with regulatory or policy reasons.

IT General Controls (ITGC)

We provide our customers independent assessment of IT General Controls and comply with SOC1 and SOC2 frameworks. SafePaaS ensures that effective IT general controls are maintained across our multitenant, metadata-driven cloud platform as we deliver cloud services with seamless, automatic release updates, delivered in real time, with no downtime.  Our workflow enabled software development life cycle (SDLC) process ensure that effective controls are maintained over enterprise systems.

Scalable Infrastructure

SafePaaS customers have the flexibility to adjust the cloud resources consumed to discover, monitor and prevent risk based on business needs. SafePaaS usage dashboard helps customers manage risk cloud services utilization by adjusting infrastructure resources without compromising performance or user experience.  

SafePaaS Cloud's serverless platform provides managed computed based on monitored users, data-sources, and meta-data snapshot frequency so you pay only for what you use.

SafePaaS usage dashboards provides metrics across risk management applications and data transfers, to help customers make data-driven scaling decisions.

Business Continuity Management

SafePaaS maintains a disaster recovery plan that supports a robust business continuity strategy for the production services and platforms. This plan has been developed from industry-accepted methodologies and encompasses principles of high-availability engineering. The Business Continuity plan is constantly measured against strict regulatory and governance requirements and is a crucial part of the acceptance plan when making changes or additions to the production environment to ensure compliance with Recovery Time Objective (RTO) and Recovery Point Objective (RPO) support options.

SafePaaS customers have the option to add a second site, SafeSwap™ to maintain the cloud services in two geographically separate locations. An instance is actively served from one location with transactions replicating in near real-time to the other completely redundant location (the SafeSwap). SafeSwap swaps the locations of an instance’s active and ready sites are swapped, making the ready site the new active site and vice versa -- the instance name does not change. This infrastructure model allows us to switch the location of the active site for maintenance, compliance, and disaster recovery purposes.