This page describes how Acquia China Managed Service, built on Amazon Web Services (AWS) and Drupal, provides a secure environment for your applications.
Security in China Managed Services is a shared responsibility of Acquia, Amazon Web Services, and the subscriber. China Managed Services provides a secure platform where Acquia subscribers can build and manage world-class, highly-secure Drupal applications. Acquia manages, monitors, and secures the environment where Acquia subscriber applications run, including the operating system and LAMP (Linux, Apache, MySQL, PHP) stack and network layers of China Managed Services. Acquia provides tools, support, and resources enabling subscribers to keep secure Drupal applications.
Subscribers have various responsibilities around the security of the applications they host with China Managed Services. Subscribers must:
Subscribers are responsible for the security of the web applications they manage on the Acquia China Managed Services, while Acquia is responsible for security controls at the network and private cloud layer.
China Managed Services is built using Amazon's AWS data centers, and uses Amazon's Elastic Compute Cloud (EC2), Amazon S3, Relational Database Service (RDS), Elastic File System (EFS), and Elastic Block Store (EBS) services. Amazon personnel neither have logical access to China Managed Services hosts or applications nor have access to the data of any China Managed Services subscribers hosted by China Managed Services.
To maintain a high level of security, Amazon provides to its subscribers, it does not disclose every detail about network topology, physical locations, and AWS-specific security procedures to the public. China Managed Service leverages Amazon's certifications and attestations providing assurance to Acquia and its subscribers about the security of the infrastructure, network, and physical security layers of China Managed Services. Amazon shares certification information about the AWS control environment with strategic partners such as Acquia under nondisclosure agreements (NDAs), which prohibits Acquia from releasing this information to any unauthorized party. Acquia is committed to maintaining a high degree of transparency and trust with its subscribers, so Acquia makes as much information available to its subscribers as it can legally disclose.
For more information about the security of Amazon AWS, see AWS Cloud Security or contact Acquia.
Amazon's AWS data centers follow and enhance best practices in data center physical security. The exterior physical security is military grade. Personnel who enter the data center are authorized and verified by a government issued ID, and two-factor authentication at each entrance point. Each entrance is monitored by video surveillance, and Amazon logs and audits all access. All visitors and contractors must present identification and sign in. Visitors are always escorted by authorized staff. Amazon AWS does not permit guests, subscribers, or strategic partners such as Acquia to either tour or inspect its data center. Therefore, Acquia can't facilitate any physical inspection of AWS hosting facilities for subscribers.
Acquia maintains some infrastructure on its premises. For example, IP phone switches and LAN equipment. This equipment is not used either to host subscriber applications or to store sensitive subscriber information. Acquia cooperates with subscribers who want to speak with the Acquia security team to discuss the China Managed Services control environment.
Acquia China Managed Service provides an independent, logically-separated AWS Account for each subscriber application. Certain parts (infrastructure and databases) of the subscriber's primary technology stack in China Managed Service are provisioned on unique, logically distinct infrastructure. In China Managed Service, Acquia manages host-based firewall policies, which provide logical isolation between distinct environments in China Managed Service. The technology stack, such as SSH Access, Remote Administration environments, code repository environments, and any infrastructure in China Managed Services, are not shared between each subscription.
Acquia limits privileged access both to the information on the subscriber infrastructure under its management and to the infrastructure themselves. Access is limited to authorized personnel. Network layer controls ensure that privileged access is always enforced through secure bastion hosts, using encrypted tunnels through standard ports.
With the Acquia China Managed Service, subscribers can create named users and upload those users' SSH public keys with support ticket, Acquia Devops team will deploy the key to the subscriber's infrastructure, enabling non-privileged access using SSH. China Managed Service provides application administrators with the ability to add non-privileged users' accounts and SSH keys, which are then deployed to the subscriber's China Managed Service task nodes.
Acquia uses a standardized Linux distribution and management tooling to deploy security patches across China Managed Service.
Acquia has a formal risk-rating system based on factors such as likelihood, impact, and severity, and deploys patches according to the following schedule:
Risk Level | Schedule |
---|---|
Critical | 7 days |
High | 30 days |
Medium | 90 days |
Low | Based on risk |
Deployment of these patches can cause brief interruptions in service.
Acquia installs ClamAV on all China Managed Services infrastructure. ClamAV is an open source (GPL) antivirus engine designed for detecting Trojans, viruses, malware, and other malicious threats. To enable ClamAV virus scanning on files as they are uploaded to your Drupal application, you must install, enable, and configure the ClamAV module, which connects to the ClamAV program on your Cloud Platform infrastructure. For more information, see /node/56291.
For China Managed Service, EBS volumes for subscribers may not be encrypted. If you have any questions about the encryption status of your EBS volumes, contact your Account Manager.
You must configure SSL certificates on the primary domain name for your applications to provide SSL security for authentication functions and for any secure transactions taking place.
For Acquia China Managed Service, if subscribers want to enable SSL entirely, they must contact Acquia Support to enable SSL. Subscribers must provide their own certificate.
Subscriber confidential information is never stored outside of the AWS infrastructure for extended periods or on physical media such as a CD or removable USB media.
Subscriber data is only transferred outside of Amazon's EC2 environment if needed to help solve a subscriber's problem, if the problem requires local resolution steps, and if the subscriber explicitly authorized the data. After resolving the issue, the files are purged. In practice, subscriber-sensitive information is never stored on laptops, mobile devices, or physical media outside of the protections AWS provides.
When a subscriber cancels service with Acquia, the subscriber's infrastructure is terminated, and the application data is deleted. Hard drives and other storage media are never removed from the data centers before sanitizing the data, so the data cannot be recovered. When a storage device reaches the end of its useful life, AWS procedures include a decommissioning process designed to prevent subscriber data exposure to unauthorized individuals. AWS uses the techniques detailed in DoD 5220.22-M (National Industrial Security Program Operating Manual) or NIST 800-88 (Guidelines for Media Sanitization) to destroy data as part of the decommissioning process. If an infrastructure device cannot be decommissioned using these procedures, the device is degaussed or physically destroyed in accordance with industry standard practices.
Acquia China Managed Service ensures that the appropriate level of logging is implemented at the application and platform layers for Acquia-managed assets to enable necessary analysis and investigation into an incident or issue. Acquia uses AWS S3 to retain the logs for up to 180 days.
Acquia Search is not available in China Managed Services. However, a search service is available within China Managed Services. Search Service is hosted by an infrastructure with physical separation between each subscriber's environment. Each subscriber application's index data is segregated into separate data files and directories. Authorization to the search infrastructure allows each application to access its own search data.
If this content did not answer your questions, try searching or contacting our support team for further assistance.
Sat Sep 28 2024 12:44:34 GMT+0000 (Coordinated Universal Time)