SECURITY WHITEPAPER
SECURITY WHITEPAPER
Y SOFT Product Infrastructure
CLOUD INFRASTRUCTURE SECURITY
YSoft does not host part of YSoft SAFEQ Cloud , nor in its entirety , or any related modules required for its operation within its corporate offices .
YSoft outsources hosting of its product infrastructure to leading cloud infrastructure providers , Amazon Web Services ( AWS ) and Open Telekom Cloud . Our hosting providers guarantee between 99.95 % and 100 % service availability ensuring redundancy to all power , network , and HVAC services .
Y Soft ’ s AWS product infrastructure resides in the USA , Canada , The European Union , UK , Singapore , and Australia regions . AWS maintains an audited security program , as well as physical , environmental , and infrastructure security protections . Business continuity and disaster recovery plans have been independently validated as part of their SOC 2 Type 2 and ISO 27001 certifications .
Y Soft ’ s Open Telekom Cloud datacenters are located in Germany . Open Telekom data centers meet all recommendations of the German Federal Office for Information Security ( BSI ) regarding georedundant data storage , ensure maximum availability and fail-safety . These data centers are in compliance with German data protection laws and ISO certifications .
Our solution has been set up using 3 different Availability Zones in each of the regions where the solution is deployed . This means that we have multiple servers connected in a cluster environment with failover into different physical locations . If one zone for whatever reason fails , other servers located in a physically different location will automatically take over , completely seamless to users .
Our platform regularly undergoes independent verification of security , privacy , and compliance controls , achieving certifications against global standards to ensure it is the most secure in the industry . Recently our environment was assessed by IBM Nordcloud . Their report “ Well-architected review ” confirms a high level of operational excellence , security , reliability , and performance efficiency for the YSoft SAFEQ Cloud AWS production environment .
NETWORK SECURITY AND PERIMETER PROTECTION
The Y Soft product infrastructure enforces multiple layers of filtering and inspection of all connections throughout the platform .
Network-level access control lists are implemented to prevent unauthorized network access to our internal product infrastructure . Firewalls are configured to deny network connections that are not explicitly authorized by default , and traffic monitoring is in place for detection of anomalous activity .
Changes to our network security are actively monitored and controlled by standard change control processes . Firewall rulesets are reviewed on an annual basis to help ensure that only necessary connections are configured .
Protecting our Cloud environment in AWS we use several AWS professional tools , including :
• AWS Security Hub evaluates configuration items to assess whether the AWS resources comply with the desired configurations defined by the defined security standards .
YSoft SAFEQ Cloud - 12 - YSOFT . COM