Soft inside. Armored on the outside
Everyone gets how useful cloud can be, but not everyone fully grasps the need to make it secure. Hackers and phishers are capable of malicious activity that can cause irreparable damage, sometimes reaching well beyond a single event. And they actively seek out vulnerable targets.
Even small, seemingly innocuous gaps in security coverage can put everything at risk including data, customer information, uptime, and potentially your company’s reputation. Protect your data with security services. Cloud is useful in proportion to its security.
Distinct physical networks for public, private, and management traffic.
Find the best hardware and software security options that meet your security requirements: DWTI offers a full palette.
We offer the latest industry-leading security solutions to help you create a comprehensive strategy.
Create a Multi-layer Security Strategy
Physical and Operational Security
In the cloud, there can be many points of entry or attack for malicious activity. DWTI’s advantage is in its ability to provide the full range of security options for you to choose from. With us, you can protect your infrastructure with multiple, overlapping layers of protection customized to your needs and interests.
Even the tiniest flaw can compromise your company’s network. DWTI’s innovative network architecture and commitment to using the most advanced hardware technologies dramatically minimize your data center and server exposure to outside threats. The system integrates three distinct and redundant architectures into our multi-tiered network topology. Systems are fully accessible to your administrative personnel but safely off-limits to others.
System, Application, and Data Security
Beneath our layers of physical and network protection, your individual computing systems, applications, and data are further safeguarded by several tiers of comprehensive, standard security features. Additional hardware-assisted security options are available on demand, allowing you to customize your enterprise’s security profile based on changing requirements or client needs.
Intrusion protection software for your servers
A good lock on your door is great; even better is a lock plus an anti-tamper alarm. When it comes to security in the cloud, securing a data center environment and its physical server hardware is only half the battle—it’s important to protect your infrastructure from the software side as well. To help you keep your data safe, we offer a complete array of Intrusion Protection Systems (IPS) and Intrusion Detection and Prevention Systems (IDPS) software for both the network and server/host level.
Layers of Security
Secure your servers and applications with unique security software throughout your environment.
Scan and Log
Monitor for and respond to security threats with in-depth scanning and logging capabilities.
Stay up-to-date with patches and security updates for supported operating systems and software.
Application, Network, and Security Optimization
Citrix NetScaler, a software-based virtual appliance offered on DWTI infrastructure, combines an extensive portfolio of application, network and user-layer security capabilities with a rich ecosystem of interoperable partner products.
The NetScaler ICSA-certified hybrid security model pairs Layer 7 attack signature detection with an advanced learning engine to ramp up quickly and help prevent denial-of-service attacks. As an application delivery controller (ADC), NetScaler optimizes the secure provision of all web and enterprise business applications, cloud-based services, virtual desktops and mobile services – regardless of location and access technology.
McAfee® VirusScan Enterprise
Anti-virus, Anti-spyware, Firewall, and Intrusion Prevention
Stop and remove malicious software, be protected against new security risks, and reduce the cost of responding to outbreaks with the industry’s lowest impact on system performance. Provision VirusScan Enterprise on any Windows server for no additional charge.
McAfee® Host Intrusion Protection with Reporting
Pro-active Security Against Known and New Threats
Boost security and lower costs by reducing the frequency and urgency of patching. Host Intrusion Prevention integrates with the McAfee ePolicy Orchestrator (ePO) platform for centralized reporting and management that’s accurate, scalable, easy to use, and works with other McAfee and non-McAfee security products.
Nessus Vulnerability Scanner
Vulnerability, Configuration, and Compliance Assessment
High-speed discovery, configuration auditing, asset profiling, sensitive data discovery, patch management integration, and vulnerability analysis built on a continuously-updated library of more than 55,000 vulnerability and configuration checks and Tenable’s vulnerability research team’s expertise. Highly scalable, and easy to deploy. Available with any bare metal server for no additional charge.
Two-factor Authentication for DWTI Portal
Higher Security for Logging into Your Infrastructure and Accounts
Require extra security for accessing your infrastructure or account to ensure your servers, data, and account is always safe. Available services include PhoneFactor and Symantec Validation and ID Protection.
Control your traffic
Firewalls are an important step in securing your DWTI environment (and all the information stored there) as well as preventing malicious activity from ever reaching your servers or end users. When added to your security strategy, hardware and software firewall options will help ensure uptime, protect your servers and network, and give you greater control of your infrastructure’s protection settings.
Instant emplacements of firewalls without service interruption.
Completely control your firewall settings via API or Web portal.
Options from 10Mbps to 2,000Mbps to accommodate unique needs.
10Mbps to 2,000Mbps protection for single servers.
Protect individual servers with hardware firewalls provisioned on demand without service interruptions.
Hardware Firewall (Dedicated)
1Gbps protection for single, multiple, or all servers on same VLAN.
Protect one, multiple, or all servers that share the same VLAN with a dedicated hardware firewall, provisioned on demand without service interruptions.
Hardware Firewall (High Availability)
Redundant 1Gbps protection for single, multiple, or all servers on the same VLAN
Protect one, multiple, or all servers that share the same VLAN, with a secondary physical firewall for failover protection (and automatic fall back when the primary firewall is restored).
Fortigate® Security Appliance.
High-performance, enterprise-class firewall protection
Provides complete, granular control over advanced firewall and security features. High availability options are available.
Software defined firewall, router, VPN, and more.
Create and manage virtual routers, firewalls, and VPN devices through user-defined parameters. A Vyatta Network OS Gateway Appliance—a DWTI bare metal server with Vyatta Network OS—can be customized, monitored, and tweaked to protect your infrastructure and optimize your network performance.
Worried about Budget constraints?
Save thousands by provisioning your infrastructure in the cloud
Deploying a secure multi-server environment on-premises requires significant capital expenditures and recurring operating expenses. Estimate how much you can save by provisioning your complex infrastructure environment on DWTI cloud resources.
Knowing the standards. Implementing with ease
Our compliance department works with independent auditors and third-party organizations to meet the industry’s most stringent guidelines to provide you reports and information for your compliance needs. The physical and virtual controls of our facilities, network, and customer portal are an extension of your own, and we make it easy for you to get the information you need for your audits.
You secure your infrastructure using your own internal controls, and you rely on us to do the same.
Independent and Precise Controls
We meet the industry’s strictest guidelines because our checks are exacting and because we work with independent auditors and organizations.
Our compliance reports are made available to all customers via the client's portal.
DWTI provides SOC 1, SOC 2 and SOC 3 reports. These reports evaluate DWTI’s operational controls on criteria set by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. The Trust Services Principles define adequate control systems and establish industry standards for services providers such as DWTI to safeguard their customers’ data and information.
Customers may download the current DWTI SOC 1 and SOC 2 reports from the customer portal or contact our sales team. Our SOC 3 report is available for general use and can be accessed here: DWTI SOC 3 Report.
ISO 27001 is a widely-adopted global security standard that outlines the requirements for information security management systems and provides a systematic approach to managing company and customer information based on periodic risk assessments. The latest standard, ISO/IEC 27001:2013, was published on September 25, 2013, by the International Standardization Organization (ISO) and the International Electrotechnical Commission (IEC) under the joint ISO and IEC subcommittee.
In order to achieve ISO 27001:2013 certification, a company must show it has a systematic and ongoing approach to managing information security risks that affect the confidentiality, integrity, and availability of company and customer information. This standard emphasizes the measurement and evaluation of how well an organization’s Information Security Management System (ISMS) is performing and also includes information security related controls based system along with other requirements.
The DWTI platform is audited by a third-party security firm and meet all requirements of ISO 27001 in every assessed data center: DWTI ISO 27001:2013 Certificate of Registration.
ISO 27018:2014 establishes commonly accepted control objectives, controls and guidelines for implementing measures to protect Personally Identifiable Information (PII) in accordance with the privacy principles in ISO 29100 for the public cloud computing environment.
In particular, ISO 27018:2014 specifies guidelines based on ISO 27002, taking into consideration the regulatory requirements for the protection of PII, which might be applicable within the context of the information security risk environment(s) of a provider of public cloud services.
The DWTI platform is audited by a third-party security firm and meets all requirements of ISO 27018: DWTI ISO 27018:2014 Certificate of Registration.
Federal Trade Commission
COPPA imposes certain requirements on operators of websites or online services directed to children under 13 years of age, and on operators of other websites or online services that have actual knowledge that they are collecting personal information online from a child under 13 years of age.
Cloud Security Alliance – STAR Registrant
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within cloud computing. One of the mechanisms the Cloud Security Alliance uses in pursuit of its mission is the Security, Trust, and Assurance Registry (STAR)—a free, publicly accessible registry that documents the security controls provided by various cloud computing offerings.
If you store or process credit card data, then PCI Compliance and network security are of primary concern to your business. To ensure consistent standards for merchants, the Payment Card Industry Security Standards Council established Payment Card Industry (PCI) data security standards. These standards incorporate best practices to protect cardholder data, and they often require validation from a third-party Qualified Service Assessor (QSA). We help our customers meet their PCI compliance needs by providing an Attestation on Compliance from an independent QSA. The Attestation on Compliance can be used in conjunction with our SOC 2 report and ISO 27001 certification to demonstrate that the infrastructure meets the PCI controls. Customers and their auditors can use our reports to verify the PCI controls that are DWTI’s responsibility are met.
For more information about and assistance to achieve, certify, and maintain PCI compliance for your DWTI environment, please contact our sales team.
The U.S. Health Insurance Portability and Accountability Act requires specific security controls for businesses that store or process protected health information online. The DWTI cloud platform meets all of the necessary requirements for HIPAA on the data center/service provider side.
For more information about and assistance to achieve, certify, and maintain HIPAA compliance for your DWTI environment, please contact our sales team.
EU Model Clauses
DWTI offers its customers the ability to choose precisely where to locate data, with data centers on five continents. For customers who wish to transfer data originating in the European Economic Area to a country outside the EEA, DWTI offers European Model Clauses in the form approved by the European Commission and European Union’s data protection authorities. The European Model Clauses guarantee European customers that DWTI supports the necessary data privacy protections in every location on the globe.For more information and delivery of the EU Model Clauses for your DWTI environment, please contact our sales team.
Note Regarding Safe Harbor: On October 6, 2015, the EU Courts invalidated the Safe Harbor program. If you are a prospective DWTI EU/EEA customer, or are a current customer and have previously relied on DWTI’s Safe Harbor certification we offer the standard European Model Clause agreement approved by the European Commission for transfers of personal data from Europe to the United States. More Information: IBM Statement on Safe Harbor Ruling
Making cloud safer, one Trusted Computing Pool at a time
IT managers find themselves challenged to keep pace with cloud industry advances and provide data centers capable of new and more demanding uses that challenge existing security practices. Intel TXT provides the best hardware-assisted security technologies specifically designed to build a secure foundation for cloud operations. DWTI, in partnership with IBM and SoftLayer, offers this pioneering solution as an additional method to secure your infrastructure.
You know that your hardware and pre-launch software are in a known good state because they have been checked and vetted.
Easy to Order
You can ensure that when your server is deployed it will be enabled with TXT by selecting Intel TXT on the order form.
Eliminated downtime and protect your environment against attacks.
Intel® TXT Partnership Overview
Intel Trusted Execution Technology is fundamentally about trust. You can have peace of mind when deploying and securing cloud resources.Why? Because in the background, a processor-based, tamper-resistant environment compares key server components to previously known, trusted states prior to booting. To learn more, watch this short informative partner video.
Example Use Cases
Large IT Departments
Trying to control the cost of ownership while maintaining robust security practices takes hard work. Intel TXT uses elbow grease and code to ensure that the system is intact during the boot process. It’s just another level of confidence knowing the servers being added are all part of a trusted compute pool.
When it comes to investments and money, financial institutions must meet specific security guidelines to protect customers’ bottom lines. It’s easy to keep up with financial growth if you can safely deploy additional servers when needed. Intel TXT ensures each resource added has been verified and checked for integrity against server hardware components such as BIOS, firmware, and hypervisor software.
Building a Chain of Trust
The power of Intel TXT provides a strong anchoring point for your chain of trust by offering the strongest possible foundation for successful evaluation of the computing platform and its protection. It features:
- A dynamic root of trust for measurement (DRTM)
- Data protection in case of improper shutdown
- Measurement and verification of launched environments.
During the boot process, the Trusted Platform Module (TPM) holds the computer-generated keys for encryption which essentially is a code that measures, extends, verifies, and executes—over and over to establish a system as trusted.
True Security Means Trusted Compute Pools
Do your security and compliance teams require a Trusted Boot to ensure systems start up in a known good state? Add a layer of defense with Intel TXT. Once select servers are provisioned with Intel TXT, the infrastructure level building blocks will enable a customer to build trusted compute pools.
Intel TXT is available on select servers:
- Intel Xeon E3-1230
- Intel Xeon E3-1270 (v1, v3)
- Intel Xeon E5-2620 (v2, v3)
- Intel Xeon E5-2640
- Intel Xeon E5-2650 (v1, v2, v3)
- Intel Xeon E5-2670
- Intel Xeon E5-2690 (v1, v2, v3)
- Intel Xeon E5-4620
- Intel Xeon E5-4650
Full support anytime
Assistance, advice, and expertise
Our services are a fusion of the most powerful infrastructure and a top team of experts. This is why we can boldly offer technical support at any time, regardless of time zones or holidays.