Cloud Security and Compliance

Cloud Security and Compliance 2019-03-07T15:33:35-08:00

Concero’s enterprise cloud solutions have embedded security features deployed in-depth to meet the most demanding compliance requirements.

Robust cloud security processes and features are integrated into Concero’s enterprise cloud platform, including:

  • Multi-level Network Firewalls and Intrusion Detection Systems
  • Centralized Identity and Permissions Management
  • Two-Factor Authentication
  • In-Transit and At-Rest Data Encryption
  • Server and Application-level Vulnerability Scanning
  • SSL-VPN and MPLS Connectivity Supported
  • Centralized Log Management and Alerting
  • Secure Windows and Linux OS Templates
  • Host-level Change Control and Auditing

These comprehensive security features are reinforced by robust security processes:

  • ISO 27001 Compliant Information Security Management System
  • SSAE16 SOC II Certified Data Centers
  • ITIL v3 Compliant IT Service Management Processes
  • Cloud Security Alliance Parntner
  • System Access Restricted to Staff with Government Reliability Status or Better

Further, through our security portal, you have access to on-demand reporting and alerting for security and compliance, smoothing the path to completing audits.

cloud security processes
cloud security reporting and analysis compliance requirements

Security Reporting and Analysis

To demonstrate strong cloud security controls and meet your compliance requirements, Concero provides detailed security reporting and analysis as part of our integrated security services.

Through our online portal, detailed system logs and event histories, vulnerability scan results,  and more are available on-demand so you can be confident you’ll have the information necessary to support your audit.

cloud security - egress traffic

Traffic Control, Inspection and Filtering

Concero controls and inspects all ingress and egress traffic to your servers via:

  • Integrated Server Load Balancing
  • Dedicated vLANs, IP NATing and Proxying
  • Advanced Intrusion Detection Powered by AlertLogic
  • Multi-tier Network and Host-level Firewalls
  • Real-time HTTP/S Traffic Filtering
  • Global Traffic Management and DOS Mitigation
cloud security enterprise-grade Active Directory

Identity and Permissions Management

All access to your cloud environment is centrally managed using an enterprise-grade Active Directory configuration, featuring:

  • Geographically Redundant AD Controllers
  • Central Authentication for Windows and Linux Machines
  • Role Based Permissions using Least Required Access Principles
  • Dual Factor Authentication
  • ADFS and Azure AD Support
 robust encryption services - cloud security

Encryption in Transit and at Rest

Concero offers robust encryption services for both data at rest and data in transit to provide the highest levels of cloud security for your confidential information, including:

  • Point-to-Point and User-to-Point SSL-VPN Services
  • VM-level Encryption Service on a VM-by-VM Basis
  • Storage-level Encryption Services
  • Encryption Key Management Services
  • Backup-level Encryption Services