SKYSITE Security

 

We are dedicated to the security of your data and information. Our customers have used SKYSITE for countless projects of varying sizes and types. Ensuring security, confidentiality, data integrity and availability is paramount for our customer’s success. Our customers have given us their trust, and we hold that responsibility dearly as we continue to operate, grow and develop SKYSITE.

 

Application Security

 

Like all cloud applications, SKYSITE is constantly under attack from malicious programs, bots and other online threats. Our security team ensures that application and network level protections are in place, maintained and monitored, and that we utilize the latest in threat detection technologies. 

 

Many of our customers elect to further enhance access controls by utilizing Single Sign-On (SSO). SKYSITE supports SSO using SAML 2.0 with compatible Identity Providers.

 

Users of SKYSITE have a variety of permissions and access controls available to further control access to their data. From Folder level permissions to Role based permission (Administrator, Employee, Shared User and Lite User), a variety of tools let our users structure their information to meet their own specific needs.

 

Data Security

 

Getting your data into SKYSITE, storing it and ensuring availability are critical functions, each of which is protected. File transmissions into SKYSITE (Data in transit) are secured using Secure Socket Layer (SSL)/Transport Layer Security (TLS) 1.2 data encryption.

 

Once in the system, all customer data is stored (data at rest) using 256-bit AES encryption and to ensure availability, we use a multi-region warm standby environment, along with daily backups of data to ensure zero data loss and rapid restoration and uptime during a major disaster due to cloud unavailability within a zone or region.

 

Infrastructure Security

 

SKYSITE infrastructure is protected using a variety of methods.

 

Access control: SKYSITE servers are hosted across multiple data centers with regular audits and 24x7 monitoring. Access to the production servers is restricted to authorized individuals only and limited to only those users with specific need.

 

Network security: We utilize industry standard network security techniques including firewalls, security monitoring, and intrusion detection systems to ensure only allowed traffic reaches our environment.

 

Fault tolerance: To ensure business continuity and 100% data integrity, critical applications are protected using hardware and software fault tolerant solutions. In the event of a master server failure, production is failed-over to secondary servers ensuring zero downtime.

 

Redundancy: Warm standby servers across regions and zones ensure a rapid failover to redundant environments in the event of a disaster in any zone or region in the cloud.

 

Availability: We provide customers a 99.9% uptime guarantee for real-time access to SKYSITE.

 

DoS and DDoS Protection: SKYSITE has always-on detection and automatic inline mitigations to minimize application downtime and latency, due to network and transport layer DDoS attacks.

 

Automated Vulnerability Detection: Security loopholes are scanned automatically including OWASP top 10 vulnerabilities. 

 

Security Testing: We regularly test our infrastructure to uncover and patch vulnerabilities. We also work with third-party specialists to keep our environment safe. Potential security risks are assessed and fixed immediately upon discovery.

 

Multi-factor Authentication: Wherever possible, SKYSITE utilizes Multi-factor Authentication to production and security systems to maximize security.

 

Compliance

 

Compliant with ISO/IEC 27001:2013

SKYSITE is certified and compliant with ISO/IEC 27001:2013 – Information Security Management System standards, ensuring best practices are used and maintained to protect your critical information. Each year, our policies and procedures are audited by a third party to ensure compliance to this standard.

 

Continual Training Program

Ongoing training on security best practices is provided to the SKYSITE employees to ensure security awareness and constant vigilance.