CLOUDBASIX Products Inherit Cloud Provider's Security Compliance
All CLOUDBASIX products are distributed as virtual machine images that deploy within your virtual private cloud (VPC). This approach ensures that data processing remains secure, as it never leaves your private cloud.
All products are cloud-native solutions, which come as pre-configured - scanned by AWS or other cloud providers security scanners - machine images (i.e. Amazon AMIs), launched as a VM/EC2 within your VPC, without the need to assign public IPs. You retain full control of the software with administrative access to the underlined OS, allowing you to conduct a security scan, independently of the previously conducted scan using cloud provider tools.
Important: As CLOUDBASIX support engineers do NOT have access to customer networks, customers are responsible to keep CLOUDBASIX instances' underlined OS and CLOUDBASIX software up to date, continuously apply latest security updates.
Same security scanning rules apply to each incremental update package - each incremental update is updated into an instance from which a new AMI is produced and passed through cloud provider security scanners. While fully automated mechanism to apply incremental updates is available via the UI console, to allow customers to scan incremental updates before they reach their environments, a semi-automatic update mechanism is in place, to allow downloading of update packages and running the image through their own security scanners, prior to applying updates into instances which run within their Virtual Private Networks (VPCs).
AWS Compliance AWS Compliance FAQ
Cloud-native solutions - process data safely inside your infrastructure, ensuring your data stays as secure as the security of your infrastructure.
Always in compliance
Because data moves within your cloud environment, it never leaves your regulatory-compliant environment, allowing you to comply with further industry security requirements.