Merlin's unique single-tenant architecture offers security, redundancy, high availability and disaster recovery options unique to our industry.
We are committed to data security.
We know security is critical to our clients and to their business, so at Merlin we incorporate security into the very fabric of our software platforms and engage leading industry experts to assess every aspect of our security architecture.
To increase flexibility and maximize our ability to separate client data, we’ve implemented a single-tenant architecture. With a single-tenant environment, each Merlin deployment is unique to a client, using dedicated encryption keys to protect all data at-rest and in transit, ensuring that your sensitive data is never accessible to others. We can also offer clients a range of additional security measures including customizable control over the environment, enhanced access restrictions and special monitoring.
We build our operations practices to meet and typically exceed applicable industry standards for privacy and data security both in the U.S. and around the world. To support that objective, all Merlin deployments are hosted in Amazon Web Services (AWS), the pre-eminent supplier of cloud infrastructure and services. Like many of the world’s leading cloud based software providers, we use AWS to provide infrastructure, networking and advanced security services. In addition, we integrate security best practices into software design and data management.
From the beginning, our goal has been to create a cloud-based solution that drives business value while meeting or exceeding our clients’ data protection requirements. Merlin works every day to earn the trust of our clients to host their data in the cloud more securely than if it was behind their own firewalls.
We offer a host of security options designed to ensure control over access to your data from upload to archive. In addition to cloud monitoring and active firewall management, we use these best practices to protect data from improper access:
Those new to the public cloud may wonder whether they are compromising security for speed, scalability and cost savings. In fact the opposite is the case. AWS pioneered secure public cloud services and is the leader worldwide on cloud security. From the beginning, we have purpose-built Merlin’s software platforms to run on the Amazon cloud and to take advantage of the the many enhanced security features and services it offers:
1. Physical Security
AWS maintains highly-secure facilities which are locked-down and monitored at all times. We have decades of experience managing our own environments across private data centers and find AWS to be more secure for a number of reasons, including the fact that they are staffed with many of the best information security professionals in the world.
AWS has been providing infrastructure for government agencies and other large entities around the world for more than a decade. As a result, it carries an extensive list of security certifications, from multiple ISO badges, to FedRAMP (U.S. government required), to PCI, HIPAA, SOC and dozens of other certifications. AWS carries over 40 U.S. and international audit certifications.
AWS simplifies the use of industry leading encryption technology for securing data in transit and at rest. Encryption ensures that data is only accessible by authorized identities and/or services regardless of the location of that data.
AWS provides a highly available infrastructure spanning the entire globe. Each AWS region contains several availability zones made up of multiple distinct and highly secure data centers. Deployments on AWS can leverage these data center resources to maximize service availability in ways that couldn’t otherwise be reasonably achieved.
5. Security Services
We take advantage of multiple additional services offered by AWS to protect client data to augment our security practices. If you need custom security for your site, we can offer a wide range of special options to further strengthen the protections inherent in a single-tenant environment. Ultimately, you can take control of your complete site.
Our goal in developing the Merlin IS platform was to create a cloud-based software solution that drives business value while meeting and typically exceeding our clients’ data protection and privacy requirements. The Merlin team works every day to earn the trust of our clients to host their data in the cloud more securely than if it was behind their own firewalls.