Nigsun Operates its own data-centre around the globe and has peering points co-located in some of the most respected data-center facility providers in the world. We focus and analyse our capabilities including physical security and environmental controls to secure our infrastructure from physical threat or impact. Each site is staffed 24/7/365 with on-site physical security to protect against unauthorized entry. Security controls provided by our data-center facilities includes but is not limited to:
Nigsun infrastructure is secured through a defence-in-depth layered approach. Access to the management network infrastructure is provided through multi-factor authentication points which restrict network-level access to infrastructure based on job function utilizing the principle of least privilege. All access to the ingress points are closely monitored, and are subject to stringent change control mechanisms.
Systems controlling the management network at Nigsun Cloud log to our centralized logging environment to allow for performance and security monitoring. Our logging includes system actions as well as the logins and commands issued by our system administrators.
Nigsun's Security team utilizes monitoring and analytics capabilities to identify potentially malicious activity within our infrastructure. User and system behaviours are monitored for suspicious activity, and investigations are performed following our incident reporting and response procedures.
The security and data integrity of customer virtual environment is of the utmost importance at Nigsun. As a result, our technical support staff do not have access to the backend hypervisors where virtual servers reside nor direct access to the NAS/SAN storage systems where snapshots and backup images reside. Only select engineering teams have direct access to the backend hypervisors based on their role.
Snapshots and Backups are stored on an internal non-publicly visible network on NAS/SAN servers in both, single site backup or multiple site backup scenarios. Customers can directly manage the regions where their snapshots and backups exist, which allow the customer to control where their data resides within our data-centres for security and compliance purposes.