OUR CLOUD SECURITY PHILOSOPHY

Secure cloud hosting and customer data integrity are always our primary objective; we treat your data as if it were our own. Only essential staff have Access Level Clearance, meaning none of our technical support staff have any access to the backend hypervisors where virtual servers, containers, or images reside, nor do they have direct access to the secure cloud storage systems where snapshots and backup images reside. Only our engineering team has direct access to the backend servers.


CREDIT CARD SECURITY & PAYMENT PROCESSING

We take protecting our users’ info very seriously. We have built in many security measures to ensure user data, and especially credit card info, is never accessible via our servers directly.

Credit card security and processing are handled through Authorize.net, the premier payment processing provider for internet-based service providers. We utilize Authorize.net’s Customer Information Manager (CIM) to support and keep track of customer profiles that include billing, payment and shipping information. Each profile is stored on Authorize.net’s secure servers and is assigned a unique ID that is used in place of all plain text customer information.

This process ensures that SkySilk will never store or see user credit card information, ever.

Authorize.net is PCI compliant and utilizes industry-leading technologies and protocols, such as 128-bit Secure Sockets Layer (SSL). SkySilk is also PCI compliant.


PHYSICAL ON-SITE SECURITY

We utilize only premier datacenter facilities for colocating our equipment. Each site is staffed 24/7/365 with onsite security to protect against unauthorized entry, and security cameras monitor both the facility premises and each area of the datacenter internally. There are biometric readers for access as well as at least two-factor authentication to gain access to the building. Each facility is unmarked so as not to draw any additional attention from the outside and adheres to strict local and federal government standards.

Our datacenters are fully PCI compliant. Beyond ensuring critical data and systems are protected physically, IT solutions that are backed by the proper policies and procedures, including guidelines for practices such as employee training, media handling, sanitization, and encryption, are becoming key for compliance.

The NOC (Network Operations Center) is staffed 24/7 by on-site industry professionals with years of IT experience. They adhere to stringent policies when provisioning and working on server hardware and data center equipment, guaranteeing you the highest level of service possible.


TRANSMISSION OF COMMUNICATIONS, USER ACCESS, AND BRUTE FORCE/DDOS SECURITY

All communications with SkySilk, Inc. are transmitted over SSL (HTTPS), for access to both the public website and the internal API. We provide connectivity to virtual servers via SSH and recommend that customers use SSH keys to set up access to their VPS.

All virtual machines and templates come with Fail2Ban pre-installed to help mitigate brute-force attacks and offer DDoS prevention per virtual machine.


USER SNAPSHOT AND BACKUP PROTECTION

VPS snapshots are generated using Ceph snapshots, while VPS backups (images) are created using a tool in Proxmox VE called VZDump. Both VPS snapshots and automatic VPS backups are stored on an internal network of NAS/SAN servers that is not publicly visible.
