Last updated Nov 11, 2019
Our datacenters co-located in some of the most respected datacenter facility providers in the world. We make use of the following datacenter hosting providers (find their Data Security Policies and/or Compliance also included) which ensure that your data is as secure as possible:
Due to our datacenters being hosted through a 3rd-party provider, it is to our advantage that our hard drivers and/or any hardware cannot be physically accessed even if the desired to do so existed - as most resources are also utilized at a virtual level.
Charted's infrastructure is secured through a defense-in-depth layered approach. Access to the management network infrastructure is provided through multi-factor authentication points which restrict network-level access to infrastructure based on job function utilizing the principle of least privilege. All access to the ingress points are closely monitored, and are subject to stringent change control mechanisms.
Systems are protected through key-based authentication and access is limited by Role-Based Access Control (RBAC). RBAC ensures that only the users who require access to a system are able to login. We consider any system which houses customer data that we collect, or systems which house the data customers store with us to be of the highest sensitivity. As such, access to these systems is extremely limited and closely monitored.
Additionally, hard drives and infrastructure are securely erased before being decommissioned or reused to ensure that your data remains secure.
Systems controlling the management network at Charted log to our centralized logging environment to allow for performance and security monitoring. Our logging includes system actions as well as the logins and commands issued by our system administrators.
Charted's Security team utilizes monitoring and analytics capabilities to identify potentially malicious activity within our infrastructure. User and system behaviors are monitored for suspicious activity, and investigations are performed following our incident reporting and response procedures.
The security and data integrity of customer Server is of the utmost importance at Charted. As a result, our technical support staff do not have access to the backend hypervisors where virtual servers reside nor direct access to the NAS/SAN storage systems where snapshots and backup images reside. Only select engineering teams have direct access to the backend hypervisors based on their role.
Snapshots and Backups are stored on an internal non-publicly visible network on NAS/SAN servers provided by our datacenter hosting providers. We directly manage the regions where our snapshots and backups exist which allows us to control where our data resides within our hosting providers' datacenters for security and compliance purposes.