DTM CORE Cloud - Advanced security features and compliance
12/03/2018
Dinamica Generale cloud systems are protected by six levels of security designed for maximum security combined with the best access performance:
- Server redundancy and fault tolerant
- Hardware perimeter security (firewall)
- Software perimeter security (application inspection)
- Native application security (application security)
- Isolation of administrative sessions
- Geographically distributed multimodal backup
NATO Certified Stormshield Firewall with port filtering and application inspection functions
Application inspection analyzes every form of communication between servers and clients, with the help of well-known patterns, discriminates against legitimate traffic by closing down unrecognized traffic connections. The firewall also tracks the number of connections per second from an IP address to a particular service and the number of global connections per time. If these parameters are outside of the maximum tolerated values (calculated using average operating traffic algorithms), the firewall begins the mitigation and reduction of the load by preventing or otherwise reducing the capabilities of a DoS or DDoS attack. To properly handle the load at peak hours, the firewall consists of a cluster of devices that can independently balance the operational load by maximizing the speed of analysis.Multimodal backup
To ensure the persistence of data and to remedy situations of human error or unpredictable system crash on all data, two different types of remote backup are performed in a few hours: a backup of the entire Server Backup that "duplicate" the status of the entire server and a backup of the client data part that can keep database and data persistence for individual customers. All backups are historicized and performed on remote locations (international sites), ensuring data security even in case of natural disaster or other events that may compromise the Datacenter structure where the servers are located. All backups are also transferred and encrypted with 256-bit AES key known only by the Company's Management.
Dinamica Generale makes use of external and certified companies that perform Penetration Tests to the Cloud system to ensure the highest level of security and keep the Cloud always updated and safe.