NaviSite Managed Cloud Services (MCS) offer you a robust, virtualized infrastructure deployed as multiple, secure clouds hosted in NaviSite's data centers. The NaviCloud platform enforces security, privacy, and integrity of your applications and data. And NaviSite's comprehensive, multi-pronged approach to security addresses physical, infrastructure, network, identity, data, and compliance requirements.
NaviSite MCS includes all the basic building blocks you need – virtualized servers, Windows and Linux operating systems, fast and reliable storage, speedy and responsive networking, and best-of-breed firewalls.
Highly Secure Cloud Computing Platform
NaviSite's SSAE-16-certified US data centers meet the highest security standards for cloud-enabled data and application integrity. Our cloud computing security technologies and services include:
- Network-Intrusion Detection and Prevention: All traffic is carried on secure VLANs, passing through a firewall to access other cloud VLANs or physical networks. NaviSite's advanced firewall technology also provides intelligent threat defense with identity-based access control and denial-of-service-attack protection.
- Firewall Services and Two-Factor Authentication: A shared firewall ensures segregation of VLAN traffic terminating on the same physical segment. A virtualized firewall gives you your own individual security contexts on an enterprise firewall appliance. And each cloud customer has their own dedicated firewall appliance.
- Anti-Virus Systems: NaviSite's real-time security management employs centralized anti-virus software. With optional sophisticated log aggregation and event correlation, NaviSite quickly and efficiently identifies and resolves potential security threats.
- File Integrity Services: Upon request, NaviSite uses TripWire's file-integrity services to assess integrity on customer virtual machines. File integrity services monitor both file and configuration integrity – looking at raw file contents, permissions, registry settings, and security settings.
- Data Integrity: NaviSite maintains back-up data both on and off-site onsite to accommodate rapid recovery of recent data as well as longterm off-site storage. We store tapes in a secure location within each data center and follow airtight security procedures for sending tapes to secure offsite locations.
- Automated Vulnerability Scans: NaviSite employs short- and broad-range automated vulnerability assessments. Short-range assessments are deployed monthly and include a minimum of five hosts. These assessments also include port scans. All identified ports are checked for known vulnerabilities. Broad range assessments are performed quarterly for a minimum of 20 hosts. NaviSite also offers third-party penetration testing to simulate an attack to identify and remedy any technology, process, or procedural weaknesses.
- Physical Security (Restricted Access, Biometrics, and Surveillance): NaviSite monitors its data centers from two global network operations centers. Physical access to datacenter facilities is restricted. Entering the building that houses the data center requires mandatory visitor registration, visitor escorts, employee badge access, and biometric palm scanner authentication.
Physical Security and Cloud Computing Environmental Safeguards
NaviSite also has sophisticated monitoring devices in each facility: early-warning fire detection, smoke and temperature detectors, and 24x7 digital video surveillance. Full data-grade HVAC systems are in place to regulate air temperature and humidity. Security also extends to management. Role-based access control ensures that each user has only the permissions required for their role. Permissions can also be set on objects or groups managed by NaviSite. All activity is logged for auditing purposes.