Search
Close this search box.
Information Systems

Security

The STS platform utilizes multiple technologies to provide critical infrastructure functions such as data backup and disaster recovery. 

  • The STS environment provides FIPS 140-2 level encryption. DIS has also negotiated with the storage providers that any failed drives will be kept so they can be properly destroyed in compliance with DIS media destruction policies. 
  • Data management and protection – includes management and protection of data and workloads from prior generations, including physical and virtual servers, as well as current and next-generation workloads like containers and SaaS. Unifying multiple generations of data helps mitigate the impact of data sprawl and enables you to rapidly recover your data cost-effectively and at scale, helping ensure business continuity and data availability. 
  • Data security – protect and recover from security threats including data breaches and ransom ware, while controlling access to key data. The platform includes advanced threat and anomaly detection—part of a multi-layered protection capability that helps mitigate the impact of threats to your data. This helps mitigate the risk of ransomware occurrences, or help accelerate recovery efforts, in the event a ransomware attack does get through. 
  • Data compliance and governance – helps manage data access to drive regulatory compliance and mitigate data privacy risks – critical components in managing enterprise data and controlling data sprawl. By providing visibility into data access and potential exposure, this data service assists organizations in adhering to data privacy regulations including GDPR and CCPA and enables organizations to efficiently and rapidly respond to information-related actions or requests including legal holds and other data demands. 

For more information on backup and capabilities, please refer to the Enterprise Backup <link> and Disaster Recovery <link> sections on this site. 

All STS servers will be configured with security software for endpoint protection and security. 

Other protection mechanisms include: 

  • Role-based access controls 
  • Multi-tenancy 
  • Policy-based controls – reducing complexity, less prone to errors and easier to maintain 
  • Configuration management and compliance 
  • Industry security standards 
  • Penetration testing & vulnerability scanning 
  • 24x7x365 security monitoring 
  • Multi-factor authentication 
  • GRC – Security policy 
  • Zero Trust 

Software Defined Networking provides the ability to divide the data center into distinct security segments logically, down to the level of the individual workload—irrespective of the workload’s network subnet or VLAN. IT teams can then define security policies and controls for each workload based on dynamic security groups, which ensures immediate responses to threats inside the data center and enforcement down to the individual virtual machine. Unlike in traditional networks, if an attacker gets through data center perimeter defenses, threats can’t move laterally within the data center.

STS SERVICES

Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Public Cloud Services
• Security
Network
Enterprise DNS, DHCP and IPAM (DDI)
User Experience
Scanning, Reporting, Monitoring and Logging

Scroll to Top