Cloud Infrastructure and Network Security
Government Approved Cloud Hosting
Convene has partnered up with the leading provider of cloud services in the industry, Amazon Web Services (AWS), to guarantee that client data is protected on all levels. With years of experience and the capability to analyse billions of events and continuous streams of meta-data, AWS is able to detect, prevent, and defer any form of cyber-attacks regardless of size. AWS also ranks highly on platform configuration options, monitoring and policy features, security and reliability, making it the preferred choice of government institutions and multinational companies worldwide. Client data is protected with an additional security layer with AWS’ EBS Encryption, and is also segmented and stored separately from each other to ensure that no data overlaps or leaks. Convene also benefits from the protection of AWS Shield Standard, receiving protection against all currently known infrastructure attacks.
Convene cloud global infrastructure is located in SSAE16- and ISO 9001, 27001, 27017, and 27018-certified hosting facilities in Asia (Singapore), Australia (Sydney), U.S. (North Virginia), Canada (Montreal), and Europe (Ireland). Each physical hosting facility is protected and monitored 24/7 by professional security staff, video surveillance, intrusion detection systems, two-factor authentication, and many more. At the same time, access to the cloud infrastructure is limited to a dedicated access network that requires VPN access and two-factor authentication. Only authorized personnel are provided access to the dedicated access network.
Cloud Data Segregation
Each Convene client has its own single-tenanted environment—with its own set of data schemas, protected with individual authentication credentials and completely unique keys—to ensure that data is separated from other organisations. All client environments are protected by security firewalls, with only specific ports and addresses allowed.
Cloud Data Availability
With AWS Cloud Hosting, Convene is able to store client data on multiple availability zones. Each availability zone is composed of at least one data centre with independent power and internet sources to make certain that no single point of failure and to provide high availability and durability at all times.
24/7 Intrusion Detection System (IDS)
The 24/7 Intrusion Detection System (IDS) monitors access logs for common malicious attack patterns and notifies the System Team of any suspicious activity.
24/7 Intrusion Prevention System (IPS)
The Convene cloud infrastructure is protected with an Intrusion Prevention System (IPS) that scans traffic and blocks any suspicious traffic, including uploads containing malware. Uploaded files are automatically scanned by services provided by Trend Micro.
Back-up and Recovery
Daily automated backups are done to ensure data integrity, while unused or obsolete archives are destroyed and replaced to prevent unauthorised retrieval.