Vaultastic is built with a multi-layered security framework, as outlined below.
Hosted on AWS, Vaultastic leverages its certified security framework to secure the infrastructure resources.
Geographical Region: Your Vaultastic domain can be deployed on AWS data centers in the APAC region (Singapore) or you can choose to deploy it at the Mumbai AWS data center.
VPC/WAF: Access to compute resources, storage and applications is only through a controlled private network, using the network firewalls built into Amazon VPC and the web application firewall capabilities in AWS WAF.
IAM (Identity and Access management): Provides secure access to operational teams to manage the resource groups.
Hardening: The servers are hardened during deployment using best practices for securing the OS, to reduce the risks that arise from a larger surface of vulnerability, i.e. a server doing more than it is supposed to do.
Data Storage: The Vaultastic Security framework deploys a tiered data store with strong Encryption, Access Control and Virtual Separation on the information to allow only authorized apps to access relevant data. Infrastructure and support staff have no access to the data.
Data Durability: With the help of AWS storage services, customers are guaranteed 99.99999999999% durability of data.
Tamper Proof: The archived data can be accessed from a read-only self-service portal, eliminating the chance of malicious or accidental deletion of mail.
Authorisation: Vaultastic services are hardened to limit access to only the required services from trusted networks by using the Access Control module. Administrators can control the access to individual Vaultastic accounts.
Authentication: Users are required to securely authenticate before they can use any service. The authentication is controlled by strong Password Policies, which include minimum length, complexity, history, age etc.
Account Lockout: Services are further protected from DDoS attempts using the account lockout capability, where multiple invalid attempts can result in an automatic account lockout that can be re-opened only through administrator intervention.
Encrypted Network traffic: The risk of sniffing and tapping is eliminated by encrypting the client-server and server-to-server communication over TLS. Essentially all connections to and from the servers happen over SSL.
Self Service portal: The data archived in Vaultastic can be accessed using a self-service portal, which gives read-only access to the data. Further application controls can limit the access by disabling operations such as export, mailing etc.
Policy control: Vaultastic controls mail traffic, information theft and resource overuse by deploying extensive and granular mail flow policies. It has been observed that a lot of security threats come from an unharnessed system, which allows all and sundry to send any kind of mail to anybody (internal or external).
DDoS attack control: Vaultastic also comes equipped with an Attack Control mechanism to detect and control internal spam/DoS attacks. Vaultastic deploys throttling and flow rate control mechanisms to disable such attacks before they bring down the system.
Role-based administration access: The administration console via the GUI is secured with role-based access.
Audit logs: Audit logs are available on demand to track administrator and end user activity on the Vaultastic domains.