Security UK, Wednesday, 25th May 2011
The answer is very. Client data is always vitally important, and combining it with financial details makes for a red-hot issue that banks, not surprisingly, take very, very seriously.
So when a supplier like stormmq comes along and offers a Cloud-based Message Queue Service, a discerning CIO will first take a view of the commercial proposition (which needs to be convincing) before even considering whether the Service will stand up to the scrutiny of his or her internal audit security teams.
Assuming the commercial proposition is attractive, the next stage is usually the question of where the data will be held and who has access to it. At this point a quality Cloud-based provider should start to get excited (as we do at stormmq), because we know the lengths we have gone to in building, from the ground up, a Service that offers a 100% guarantee of data security that will convince even the most sceptical CIO out there...
- Security and data encryption
- End Point security
- Network Security
- Message Encryption
- User Data
- Server Protection
- Secure Destruction
Security and data encryption
End Point security
stormmq Services can only be accessed over encrypted communications. Our web service, API and AMQP end points all use 2048‐bit TLSv1. For our dedicated clusters we also offer private end points and an IPSec VPN and higher encryption strengths (if your operating system supports them). We have a number of controls at our entry points to identify and terminate disruptive traffic (DoS protection).
All messages, meta‐information and AMQP ‘frames’ arriving at an end point are transmitted encrypted throughout our Messaging Cloud. All messages persisted for later delivery are encrypted on disk using 256‐bit AES keys.
Critical account data is encrypted in memory and is only encrypted‐on‐the‐fly.
Our system generates all passwords and secret keys. Hashing and Message Authentication algorithms do not rely on the partly compromised MD5 or SHA‐1 implementations.
Using best‐of‐breed practices, our servers are hardened, locked down and automated to become toasters in the event of compromise. Back‐end servers are web‐inaccessible. Your IT Audit teams are welcome to review our server hardening.
All critical operational information is stored encrypted on disk using AES‐256 keys.
All activity is logged. We provide all our clients with a full log of all their activity through their website portal.
The ability to locate and secure your data means so much to us that, when you take up our Service, we will, as an extra option, sign over to you ownership of the encrypted hard disks we use. We provide a certificate of locality and ownership of data. At the end of your subscription, we will present the disks to you for secure destruction.
We only allow a subset of SASL mechanisms, but, more importantly, enforce our password policy on our users. That way, we can ensure passwords are as secure as possible. The automated systems that use messaging don’t need memorable passwords for admin! We haven’t seen clients use LDAP with our solution – primarily as most production systems have a very small set of ‘robot’ users, and the complexity involved vs using POSIX file permissions
We’ve taken this further, and use the virtual hosts of AMQP to provide isolated environments for systems, so configuration managers can partition knowledge of passwords for production and development – and prevent data ‘accidents’.