Physical Security
This page provides information about our physical security controls for ProtoPie Enterprise Cloud environments, including data access & monitoring, OS hardening, supplier management, and vendor assessment.
Data Access & Monitoring
Data Access
The system administrators (Enterprise Operations division) have access to the data through customer systems, including access to the hypervisors when dealing with Virtual Machine (VM) instances.
Access to information security management systems, including hypervisors, firewalls, vulnerability scanners, network sniffers, and APIs, is restricted, logged, and monitored.
Personnel Access
Personnel access to hypervisor management functions and administrative consoles for systems hosting virtualized systems is carefully restricted, following the principle of least privilege.
To ensure strong access controls, we employ various technical measures, including two-factor authentication, audit trails, IP address filtering, firewalls, and TLS-encapsulated communications.
For added security, we manage removable media usage through the implementation of the Bitdefender solution. This helps us enforce necessary restrictions and safeguards to protect against unauthorized data transfers and potential threats.
OS Hardening
For optimal security and to align with our recommended best practices, we suggest implementing the following technical controls to harden your operating systems and meet your business needs:
- Enable the firewall to enhance network protection.
- Regularly back up your Mac using reliable cloud storage solutions like Google Drive.
- Disable remote access to mitigate potential vulnerabilities.
- Encrypt your hard drive to safeguard sensitive data from unauthorized access.
- Install and enable antivirus protection tools, such as Bitdefender, to defend against malware and other threats.
- Configure a password-protected screensaver to prevent unauthorized access to your system.
- Disable automatic login to strengthen authentication security.
- Create a separate non-administrator account for daily use to minimize the impact of potential security breaches.
- Utilize a password manager to generate and securely store strong passwords for all your accounts.
- Disable Spotlight suggestions to enhance privacy and prevent possible information leakage.
- Ensure automatic updates are enabled to receive the latest security patches and bug fixes, keeping your system up-to-date and resilient against emerging threats.
By adhering to these recommended measures, you can bolster the security of your operating systems and ensure they effectively meet your business requirements.
Supplier Management
Supplier Management Controls
ProtoPie has implemented controls for managing its cloud services supplier, Amazon Web Services (AWS). We have established terms and conditions to access, process, store, or transmit organizational information using supplier systems. As such, we periodically conduct audits and request System Organization Control (SOC) reports for our suppliers.
For more information on the AWS privacy practices, visit the Amazon Web Services Data Privacy page.
Performance Monitoring
In addition to conducting audits and SOC reports, we also monitor the performance of our suppliers to ensure the security and availability of customer data. As the leading cloud hosting provider, Amazon Web Services (AWS) offers extensive performance and security information on its website, enabling effortless monitoring.
Vendor Assessment
ProtoPie conducts a cloud-hosting vendor assessment process once a year, thoroughly reviewed by our dedicated security team. Detailed information about the AWS compliance programs can be found at the following link: AWS Compliance Programs.
Outsourcing Monitoring
Given that all ProtoPie products are developed in-house, without the involvement of subcontractors or outsourced software development, there is no need for specific controls to detect source code security defects in relation to outsourced activities.