Playing our part in the shared responsibility model

Playing our part in the shared responsibility modelPlaying our part in the shared responsibility model

Playing our part in the shared responsibility model

A recent report by the NCSC (National Cyber Security Centre) advocates the shared responsibility model. This is where clients and cloud providers like Cloud Heroes both have a part to play in data security.

Part of the benefit of using cloud solutions is being able to place responsibility onto the provider rather than having to shoulder the burden yourself.

We would like you to know that Cloud Heroes takes its part in that very seriously indeed.

Security by default

When you work with Cloud Heroes, you’re trusting us with a lot. We fully appreciate just how much you’re trusting us and intend on holding up our side of the bargain.

The NCSC report highlighted a few insecure default configurations they see a lot, let’s tackle those head on.

Weak default authentication policies with no multi-factor authentication – Cloud Heroes supports a robust authentication policy that can include class-leading technologies to verify authorised users. Multi-factor authentication is supported.

Data encryption as an optional add-on – All data managed by Cloud Heroes will be fully encrypted using the latest industry standards with a minimum of 256-bit encryption. Data can be encrypted in transit and again at rest for full protection. Data is also safely distributed between our UK-based ISO 27001 and PCI-DSS accredited data centres.

Collaboration environments accessible by anybody on the internet, by default – Collaboration environments are secured within our network and will require login via SSH or RSA key to access. There can also be further authentication to access specific platforms within the network depending on your requirements.

Logs (which are very useful to incident handlers) being initially disabled – Logging is an essential part of managing security and reliability and is invaluable in troubleshooting. Logging is enabled by default with further logging available upon request.

Legacy protocols (such as IMAP) being enabled, by default – You can use IMAP if you really want to. It can be enabled but will typically include SSL and multi-factor authentication to allow access.

Letting you set your root account password as ‘password’, while also not requiring you to set up multi-factor authentication – Cloud Heroes can provide SSH or RSA keys rather than use passwords on initial login. This offers a significant security benefit over using passwords. Multi-factor authentication is also supported.

Going beyond

We don’t just stop there.

Cloud Heroes has designed our infrastructure to be as robust and as secure as possible.

Your data will be encrypted before upload, encrypted once stored and distributed across secure data centres. All within the UK.

If anything happens to one of our data centres, your data will automatically be made available from one of the others.

Each data centre is protected by class-leading physical security and cutting edge network security including real-time monitoring, malware and antivirus scanning, full 356-bit encryption, and firewalls.

Our UK data centres are ISO 27001 and PCI-DSS accredited so you can have full confidence that your data is protected.

Anything is possible

This level of security is enough to protect some of the best-known companies in the UK. However, if you have specific requirements, we are always happy to help.

We have a team of trained and highly experienced security experts on staff who can design and implement just about any security layer you can think of.

We are more than happy to bring that experience to bear to help secure your data.

Contact Cloud Heroes today for web hosting, disaster recovery, cyber security, hosted desktop, hosted email, cloud backups and a whole lot more!

Written by 87

We enable digital business. Premium hosting and managed cloud solutions, exactly how you need it.