Secure cloud hosting and customer data integrity are always our primary objective; we treat your data as if it is our own. Only essential staff have Access Level Clearance, meaning none of our technical support staff have any access to the backend hypervisors where virtual servers, containers, or images reside nor direct access to the secure cloud storage systems where snapshots and backup images reside. Only our engineering team has direct access to the backend servers.
We take protecting our user’s info very seriously. We have built in many security measures to ensure user data, and especially credit card info, is never accessible via our servers directly.
We proudly utilize Stripe, which allows for us to securely accept payments backed by highly scalable infrastructure built from the ground up for redundancy, security, and velocity.
Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.
All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines by Stripe. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).
This process ensures that SkySilk will never store user Credit Card information, ever.
We utilize only premier datacenter facilities for colocating our equipment. Each site is staffed 24/7/365 with onsite security to protect against unauthorized entry and security cameras that monitor both the facility premises as well as each area of the datacenter internally. There are biometric readers for access as well as at least two-factor authentication to gain access to the building. Each facility is unmarked so as not to draw any additional attention from the outside and adheres to strict local and federal government standards.
Our datacenters are fully PCI compliant. Beyond ensuring critical data and systems are protected physically, IT solutions that are backed by the proper policies and procedures, including guidelines for practices such as employee training, media handling, sanitization, and encryption, are becoming key for compliance.
The NOC (Network Operations Center) is staffed 24/7 by on-site industry professionals with years of IT experience. They adhere to stringent policies when provisioning and working on server hardware and data center equipment, guaranteeing you the highest level of service possible.
All communications with Skysilk, Inc. are transmitted over SSL (HTTPS) for both access to the public website as well as the Internal API. We provide connectivity to virtual servers via SSH and recommend that customers use SSH keys to set up access to their VPS.
All clean Linux VPS OS options and templates come with Fail2Ban pre-installed to help mitigate brute force and offer DDOS prevention per VPS.
VPS Snapshots are generated using Ceph Snapshots, while VPS Backups (images) are created using a tool in ProxMox VE called VZDump. Both VPS snapshots and automatic VPS backups are stored on an internal non-publicly visible network of NAS/SAN servers.
Authorize.Net is a registered trademark of CyberSource Corporation. Ceph is a trademark of Red Hat, Inc. QEMU is a trademark of Fabrice Bellard. Proxmox VE and VZDump are trademarks of Proxmox Server Solutions and remains at all times the sole and exclusive property of Proxmox. SkySilk is an independent cloud solutions provider and is not endorsed, sponsored, or affiliated with any of the trademark owners referenced above.