SHI has implemented a variety of security controls within its cloud infrastructure
to protect data-at-rest, data-in-motion and data-in-use. Depending on your service selection
type, you may opt to either accept all, or decline some, of these controls based
on the controls already implemented within your environment.
The security technologies utilized in SHI’s Cloud Solutions are:
SHI has deployed high-availability configurations of provider-grade firewalls at
the perimeter to provide full-scope perimeter protection and visibility for our
cloud infrastructure. These firewalls provide the most recent feature sets required
to secure the network environment, including application awareness, source and destination
geo-location and custom policies for different traffic types. Customer intranet
and internet traffic is further segregated to prevent possible data leakage.
As part of its perimeter security controls and baseline security strategy, SHI has
also deployed IPS sensors. Using both the IDS and IPS capabilities
of this technology, we examine the traffic that passes through the cloud infrastructure
to ensure that only configured traffic types are observed: encrypted tunnel traffic
for customer intranet extension is monitored with IDS features, while Internet-facing
traffic is handled with IPS functionality.
In order to maximize security event visibility and reduce response time, SHI has
deployed a two-tiered event correlation and monitoring infrastructure that uses
both internal SHI administration and Solutionary’s ActiveGuard technology and Security
Operations Center team. Not only does this provide our customers with greater responsiveness
from the SHI Cloud Help Desk, it also provides third-party integrity and oversight for
security information and reporting.
Customer traffic for our hosted Cloud Services arrives via encrypted tunnel protocols
such as IPsec and is terminated at, or adjacent to, the associated service
core. To ensure the privacy of sensitive customer information, encrypted traffic
is neither visible to SHI nor capable of being decrypted by SHI directly.
Encryption also greatly limits interaction between different data types as data moves
within the SHI Cloud environment. SHI practices full data-at-rest encryption for
all customer data, supported by high-availability encryption switch and key management
technologies. Our security mandate is to deliver customer data as close as possible
to its processing resource in an encrypted state.