Security

DDoS-Mitigation

We rely on dedicated appliances to provide protection against DDoS attacks. These ensure a permanent local inline traffic analysis and proactive defense. Mitigation of attacks up to 1 Gbps is included, if necessary we can also protect larger bandwidths.

You will find more information about our DDoS mitigation strategy in the press release of 15.05.2018 (in German).

Firewalls

We assign each customer project a separate network zone. A security operations specialist operates the redundant firewalls in Segregation of Duty. It monitors the systems 7×24h and intervenes immediately in the event of problems.

Web Application Firewall (WAF)

With Airlock WAF, a security product of the Swiss software developer Ergon Informatik , we offer a unique combination of protection mechanisms for web applications. This enables us to meet the requirements of PCI DSS, ISAE 3000, ISO 27001 and FINMA RS 08/7. Airlock WAF systematically controls and filters every access at all levels before they reach the customer application.

We offer the WAF as a dedicated application or as a service.
More on WAF as a Service in our Blog.

Identity and Access Management (IAM)

In combination with Airlock WAF, the Airlock IAM enforces pre-authentication and -authorization of users. This guarantees a secure, uniform and central single sign-on infrastructure.

We offer IAM as a dedicated application or as a service.

Vulnerability Scans

We regularly perform vulnerability scans on all systems in our data centers. If we discover any gaps, we inform our customers straightaway.

Intrusion Detection Systems (IDS)

Intrusion detection systems monitor our servers and networks permanently. If they detect any suspicious traffic, the operations team is alerted. It will then promptly take the appropriate measures.

Central Log

Central Log is used for secure and unalterable storage and evaluation of log files. In addition to the customer-related platform logs (firewall, WAF, RAS, etc.), customer logs may also be integrated into the Central Log. The logs can be read via the myaspectra log viewer and/or REST APIs and rules can be specified to inform aspectra and/or the customer about anomalies.

Backup and Restore

We back up the data of all systems on a file-based basis to our tape library either daily or bi-weekly. Restore tests ensure that we can recover the data or even entire systems in an emergency.

Information Security Management System (ISMS)

Our certified ISMS ensures that the security of data and applications is traceable. It complies with the ISO 27001:2013 standard and is audited annually.

THE SECURITY OF YOUR DATA IS OUR TOP PRIORITY

We are looking forward to learn more about the requirements for your applications. Contact us so that we can offer you a suitable project.