Security & Architecture
Securing data is not only a top priority for PryvateSMC, it is our core business competence: our security protocols are comprehensive and we are steadfast in securing your data.
PryvateSMC uses a variety of technologies and services to secure your data from unauthorized access, disclosure, use, and loss.
PryvateSMC currently uses the following cloud services (the “Cloud Services”): Amazon Web Services (AWS), Google Cloud Platform (GCP) and/or Microsoft Azure (Azure). Data is processed with ephemeral storage in AWS/GCP/Azure, and PryvateSMC may make use of external API calls as described below.
PryvateSMC employees do not have physical access to any of the GCP, AWS, Azure data servers, network equipment, or storage.
PryvateSMC processes data in the Cloud Services using a combination of serverless processing, instances and/or storage within the Cloud Services, as further described under the section “Storage, data retention and disposal” below.
Third party API calls
PryvateSMC makes external API calls to optimize results.
Cloud Services for processing and API calls
Documentation about the Cloud Services and API services that PryvateSMC uses is available for your review. Such documentation, referenced below, confirms that none of your data would be stored by these services beyond the completion of processing of the data by such cloud provider.
Security approaches of the Cloud Services
Each of the Cloud Services uses a combination of the approaches to keep their infrastructure secure, including the following:
- Physical access control
- Personnel security
- Logical access control
- Penetration testing
- Third party audits
- Intrusion detection and prevention
You can find further information in the documentation from the Cloud Services:
Note: In the case of IBM, PryvateSMC would set the parameter so that IBM does not store the data beyond the time of processing it.
Data encryption in transit
All data transmitted between PryvateSMC clients and the PryvateSMC service is protected using strong encryption protocols. PryvateSMC supports the latest recommended secure cipher suites to encrypt all traffic in transit, including use of TLS 1.2 protocols, AES256 encryption, and SHA2 signatures, whenever supported by the clients.
Data encrypted at rest
Data at rest in PryvateSMC’s production network is encrypted using FIPS 140-2 compliant encryption standards, which applies to all types of data at rest within PryvateSMC’s systems—relational databases, file stores, database backups, etc. All encryption keys are stored in a secure server on a segregated network with very limited access. PryvateSMC has implemented appropriate safeguards to protect the creation, storage, retrieval, and destruction of secrets such as encryption keys and service account credentials.
Each PryvateSMC customer’s data is hosted in our shared infrastructure and logically separated from other customers’ data. We use a combination of storage technologies to ensure customer data is protected from hardware failures and returns quickly when requested. The PryvateSMC service is hosted in data centers maintained by industry-leading service providers, offering state-of-the-art physical protection for the servers and infrastructure that comprise the PryvateSMC operating environment.
Network Security and server hardening
PryvateSMC divides its systems into separate networks to better protect sensitive data. Systems supporting testing and development activities are hosted in a separate network from systems supporting PryvateSMC’s production infrastructure. All servers within our production fleet are hardened (e.g. disabling unnecessary ports, removing default passwords, etc.) and have a base configuration image applied to ensure consistency across the environment. Network access to PryvateSMC’s production environment from open, public networks (the Internet) is restricted, with only a small number of production servers accessible from the Internet. Only those network protocols essential for delivery of PryvateSMC’s service to its users are open at our perimeter and there are mitigations against distributed denial of service (DDoS) attacks deployed at the network perimeter. Additionally, for host-based intrusion detection and prevention activities, PryvateSMC logs, monitors, and audits all system calls and has alerting in place for system calls that indicate a potential intrusion.
Access Control Provisioning
To minimize the risk of data exposure, PryvateSMC adheres to the principles of least privilege and role-based permissions when provisioning access—workers are only authorized to access data that they reasonably must handle in order to fulfill their current job responsibilities. All production access is reviewed at least quarterly.
To further reduce the risk of unauthorized access to data, PryvateSMC employs multi-factor authentication for all access to systems with highly classified data, including our production environment, which houses our customer data. Where possible and appropriate, PryvateSMC uses private keys for authentication, in addition to the previously mentioned multi-factor authentication on a separate device.
PryvateSMC requires personnel to use an approved password manager. Password managers generate, store, and enter unique and complex passwords to avoid password reuse, phishing, and other password-related risks.
System Monitoring, Logging, and Alerting
PryvateSMC monitors servers to retain and analyze a comprehensive view of the security state of its corporate and production infrastructure. Administrative access, use of privileged commands, and system calls on all servers in PryvateSMC’s production network are logged and retained for at least two years. Analysis of logs is automated to the extent practical to detect potential issues and alert responsible personnel. All production logs are stored in a separate network that is restricted to only the relevant security personnel.
Storage, data retention and disposal
Storage is required while documents are being worked on by the people at your organization, so that changes can be recorded and the workflow can proceed; this takes place in one of the Cloud Services, as applicable. Whichever Cloud Service is used, PryvateSMC can write the final (i.e., after all review is completed) processed/redacted copies locally to your internal systems if your team can provide APIs. Otherwise, PryvateSMC can store them via SSO with ADFS, as requested, in the relevant Cloud Service. In other words, the files will be stored at a place you specify after review is completed by people at your organization.
Customer data is removed immediately upon the end of processing and writing back to your system or to the location indicated by you, or upon expiration of the retention period set out in the service agreement between PryvateSMC and you. PryvateSMC hard deletes all information from currently running production systems (excluding non-identifiable characteristics of data, which are used to improve our service), and backups are destroyed within 14 days. PryvateSMC’s hosting providers are responsible for ensuring that removal of data from disks is performed in a responsible manner before the disks are repurposed.