Gemalto is now part of the Thales Group.

Cloud Platform Security Knowledge Base

Certification

How is My Data Protected?

SafeNet Data Protection on Demand (DPoD) has been independently audited and received certifications for FIPS 140-2 Level 3, ISO 27001, and SOC Type 2.

The HSMs used for SafeNet Data Protection on Demand are FIPS 140-2 Level 3 certified.

Security

How is My Data Protected?

Tenant Administrators have access only to the data that belongs to their account. Tenant-specific details and/or metadata are protected at rest using volume encryption.

When the HSM On Demand instance is initialized, the service owner creates passwords or phrases for both the Security Officer and Crypto Officer roles.

Those secrets are used in a derivation scheme and are required to allow the HSM to unseal the cryptographic material.

Only the Security Officer/Crypto Officer are in possession of those secrets. It is left to the discretion of those officers to share the credentials as needed.

Within each PoP, a sophisticated network of routers and firewalls ensures network separation, integrity, and confidentiality of the data and access to that data.

Within the network itself, internal firewalls segregate traffic between the application and database tiers to ensure confidentiality and integrity, as well as deliver a high level of availability.

Service Penetration Testing

Gemalto applications undergo regular application and network penetration testing by third parties, and SafeNet Data Protection On Demand adheres to this practice. The assessment methodology will include structured review processes based on recognized “best-in-class” practices as defined by such methodologies as the ISECOM’s Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP), Web Application Security Consortium (WASC), and ISO 27001:2013 Information Security Standard.

The application security audit adopts a grey-box approach. The following figure shows some of the security attack vectors that are being tested. Any issues found are resolved as part of the regular development cycle.

[Figure: Service Penetration Testing]

Vulnerability Manager

Gemalto software applications undergo regular application and network penetration testing by third parties.

The assessment methodology includes review processes based on recognized “best-in-class” practices as defined by such methodologies as the ISECOM's Open Source Security Testing Methodology Manual (OSSTMM), the Open Web Application Security Project (OWASP), Web Application Security Consortium (WASC), and ISO 27001:2013 Information Security Standard.

When a potential security incident is detected, a defined incident management process is initiated by authorized personnel. Corrective actions are implemented in accordance with defined policies and procedures.

Prior to the actual service update, the following tasks are performed:

  • Provisioning Testing: This is performed on the updated service in a controlled environment by the Gemalto Service Operations team. With the conclusion of these tests, the code has passed 3 rounds of testing successfully, each done by a different group: unit testing by the developer, Sprint Code Testing by the QA group, and Service Update Provisioning Testing by Service Operations.
  • A Planned Release Notification (PRN) is sent to all existing customers, notifying them of the scope of the update and the planned date of the actual service update.
  • Penetration testing: Penetration testing is done on a dedicated non-production system, but runs in the same environment as the operational service.
  • At the last stage, all data is backed up from the operational service, which allows Gemalto to roll back immediately in case of any unexpected challenges.

We conduct monthly reviews of all patches for servers and network equipment.

Gemalto Internal Controls and Procedures

Yes, Gemalto performs a number of internal service controls in line with our ISO27001 and SOC2 scopes, including but not limited to: Security of Internal Networks and Information, Technology-based controls, Physical Access & Environmental Controls, Problem Management, Change Management, Separation of duties, System Software Change Management.

Resilience / Availability

Data Center Physical Security

Physical security underpins any cloud-based service, so all data centers have 24-hour manned security, including foot patrols and perimeter inspections with access controls complying with industry best practices. This may vary based upon the data center but can include proximity, biometric, key, PIN or a combination of any of those controls listed.

The data centers are fully equipped with video surveillance throughout each facility and its perimeter, with tracking of asset removal, ensuring the security of the equipment and of the data held within it. The data centers also utilize state-of-the-art technologies ensuring redundancies in connectivity, power, safety and security.

  • Video surveillance cameras are spread throughout each facility
  • 24x7 manned protection—no unsecured access to the data center
  • Multi-factor authentication is used at all times for entrance to the data center

Network Resilience

The private data center is provided with multi-vendor and neutral-network connections to major Internet Service Providers (ISPs), and is located near major Internet hubs.

Network connections to the data centers are provided using secure links with high-capacity bandwidth over fiber connections to ensure minimum turnaround latency for authentication requests. All fiber-based connections enter the data center buildings via secure concrete vaults.

The internal network infrastructure of the PoP is built upon a high-speed fiber-based network to ensure high-capacity throughput. This infrastructure uses multiple connections through highly secured network firewalls and routers to deliver full redundancy, as well as optimal traffic delivery.

  • Data centers are network carrier neutral
  • Multiple fiber channels at each data center
  • Use of multiple Internet Service Providers to ensure continuous and high-bandwidth Internet access

Power Supply Redundancy

Power is delivered to the data centers using an underground utility power feed, which is then supplemented and backed up by on-site redundant (N+1) diesel generators with local diesel fuel storage.

Power is delivered into the rooms via redundant (N+1) CPS/UPS systems to ensure ongoing supply, with power delivered to the PoP equipment racks using redundant power distribution units (PDUs). This ensures continuous and high-bandwidth Internet access.

Data Backup and Recovery

Within the cloud, Gemalto relies on snapshots to keep copies of storage volumes associated with the application instances.

Snapshots are taken and deleted often. Database backups are managed using relational database backups. Application logs are kept online and securely stored for a determined period of time. Data is kept for a period determined by the compliance requirements specific to the region where the data is stored.

A service-wide restoration test is performed annually. For this test, a tape is recalled from off-site storage and the data is restored to a test environment.

Yes. Gemalto deploys a formal Disaster Recovery plan. The plan is maintained and tested on an annual basis. Any issues identified during the test are formally discussed and remediation plans are put in place. In addition, Gemalto has a formal Business Continuity plan, which is reviewed annually to determine if updates are required. Procedures to address minor processing errors and outages are documented.