Methvin
is proud to be an Amazon Web Services
Advanced Technology Partner, and in doing so we
have leveraged the world-class security of the
AWS platform to build and deliver our
Methvin
product.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud
computing environments available today. It provides an extremely scalable, highly reliable platform that
enables customers to deploy applications and data quickly and securely. Methvin
takes advantage of these
features to allow us to deliver an Enterprise Solution for Small Business Budgets.
S ECURITY
World Class Protection
AWS’s world-class, highly secure data centers utilize state-of-the-art electronic surveillance and multi-factor
access control syst
ems. Data centers are staffed 24x7 by trained security guards, and access is authorized
strictly on a least privileged basis. Environmental systems are designed to minimize the impact of disruptions to
operations. And multiple geographic regions and Availability Zones allow us to remain resilient in the face of
most failure modes, including natural disasters or system failures. Methvin is an active-active solution that isn’t
reliant on a single computer, data center, or telecommunications network.
Our virtual infrastructure has been designed to provide optimum availability while ensuring complete
customer privacy and segregation. Methvin exploits these capabilities to their fullest. In addition we
guarantee data sovereignty to ensure you have compliance with Privacy Laws.
Multi-Factor Control Systems Multiple Geographic Regions 24x7 Electronic Surveillance
AWS Security
We know that it’s important for you to understand the protection
measures that are used to guard the AWS cloud infrastructure.
But since you can’t physically touch the
servers or walk through the data centers,
how can you be sure that the right
security controls are in place?
The answer lies in the third-party certifications and evaluations that AWS has
undergone. AWS has achieved ISO 27001 certification and has been
validated as a Level 1 service provider under the Payment Card Industry (PCI)
Data Security Standard (DSS). They undergo annual SOC 1 audits and have
been successfully evaluated at the Moderate level for Federal government
systems as well as DIACAP Level 2 for DoD systems.
Each certification means that an auditor has verified that specific security
controls are in place and operating as intended.
Anywhere, anytime and on any device
Not only are our applications and data protected by highly
secure facilities and infrastructure, but they’re also
protected by extensive network and security monitoring
systems.
These systems provide basic, but important security
measures such as distributed denial of service (DDoS)
protection and password brute-force detection.
Built-in Security Features
Additional security measures include:
– control how accessible our
services are by configuring built-in firewall rules – from
totally public to completely private, or somewhere in
between and by utilising a Virtual Private Cloud (VPC),
we control egress as well as ingress.
Built-In Firewalls
Secure Access
– customer access points, also called API
endpoints, allow secure HTTP access (HTTPS
) so that we establish
secure communication sessions with Methvin using SSL/TLS.
- for even greater
communication privacy, we use newer, stronger cipher
suites. These cipher suites allow SSL/TLS clients to use
Perfect Forward Secrecy, a technique that uses session
keys that are ephemeral and not stored anywhere. This
prevents the decoding of captured data, even if the
secret long-term key itself is compromised.
Perfect Forward Secrecy
– each user can have unique security
credentials, eliminating the need for shared passwords or
keys and allowing the security best practices of role
separation and least privilege.
Unique Users
– our Virtual Private Cloud (VPC)
allows us to add another layer of network security to
Methvin by creating an IPsec VPN tunnel between your
other IT services and your Methvin applications.
Private Subnets
Because our cloud infrastructure provides so many built-in security features, we have been able to construct the Methvin product to higher
security standards than provided by traditional hosted services.
the Methvin solution offers secure
access to your confidential information by never keeping a copy of the
actual data on the device you are using. This removes the headache of
locking down computers or trying to remote wipe information in the
event a device is lost or the employee leaves the organisation.
Zero Fingerprint Client
Security Logs
– provides logs of all users activity within Methvin.
– the Direct
Connect service allows us to establish a dedicated network
connection from your premise to Methvin. Using industry
standard 802.1q VLANs, this dedicated connection can be
partitioned into multiple logical connections to enable you
to access both public and private IP environments within
Methvin.
Dedicated Connection Option
Verifying Our SecurityVirus Protection
Our partnership with Trend Micro ensures our environment is afforded the
highest level of virus protection and our email platform has automated
spam filtering and virus protection on all inbound and outbound
messages.
In addition we regularly monitor and patch all our services with the
relevant updates from the respective software vendors as soon as they
become available.
www.methvin.org
info@methvin.org
+1 347 759 6200