Our single tenant architecture provides the most secure environment in the industry
Security by Design
Over the past two decades, we’ve hosted data for many of the largest companies and law firms in the world. We know security is critical to our clients and to their business. We are proud to say we have never had a security incident involving data compromise or loss.
Security is a key design criterion for our cloud-native applications. We chose a single rather than multi-tenant architecture because of the flexibility and security advantages it offers.With a single-tenant environment, we can lock down client data without fear of bad actors attacking data after gaining access through other client sites. We can also offer clients a range of additional security measures including customizable control over the environment, enhanced access restrictions and special monitoring.
We build our operations practices to meet or exceed applicable industry standards for privacy and data security both in the U.S. and around the world. To support that objective, we chose Amazon Web Services to provide infrastructure, networking and advanced security services. We then integrate security best practices into software design and data practices.
Ultimately clients can trust data hosted in our systems just as if they were behind their own firewalls.
We offer a host of security options designed to ensure control over your data access from upload to archive. In addition to cloud monitoring and active firewall management, we use these best practices to protect data from improper access:
Those new to the public cloud may fear they are compromising security for speed, scalability and cost savings. In fact the opposite is the case. Rather than build our own data centers, as we did in the past, we chose Amazon Web Services (AWS) as our infrastructure partner. AWS was the first to offer secure public cloud services and it is the leader worldwide on cloud security.
Thus, from the beginning, we purpose-built Merlin’s software platforms to run on the Amazon cloud and to take advantage of the many security features and services it offers.
AWS maintains highly-secure facilities which are locked-down and monitored at all times. We have decades of experience managing our own environments across private data centers and find AWS to be more secure for a number of reasons, including the fact that they are staffed with many of the best information security professionals in the world. In addition, their locations are not publicly disclosed and customers are not allowed to enter the facilities. Only well-screened employees are allowed to enter and then only on a strict need to access basis.
AWS has been providing infrastructure for government agencies and other large entities around the world for more than a decade. As a result, it needs to carry an extensive list of security certifications from multiple ISO badges, to fedramp (U.S. government required), to PCI, HIPAA, SOC and dozens of others. AWS carries over 40 U.S and international audit certifications.
AWS supports encryption in transit and at rest for all data we maintain. Encryption protects against a hacker gaining access to your storage devices but it also protects against data center employee malfeasance. Even if an intruder or employee manages to access an encrypted hard drive, nothing will come of it because the encrypted data is unreadable.
AWS provides a highly durable storage infrastructure designed for mission-critical and primary data storage. Objects are redundantly stored on multiple devices across multiple facilities in an Amazon S3 Region.
5. Security Services
We take advantage of multiple services offered by AWS to protect client data to supplement our security practices. If you need extra security for your site, we can offer a wide range of special options to further strengthen the protections inherent in a single-tenant environment. Ultimately, can take control of your complete site.
Good Company: We find ourselves in good company. AWS provides infrastructure and security to a wide range of companies and agencies including the Department of Defense, banks, Comcast, Dow Jones, the European Space Agency, ESPN, FINRA, General Electric, NASA, NASDAQ, Pfizer, SAP, Tata Motors, Turner Broadcasting, the US Department of State, the UK Ministry of Justice and Zillow.
We chose Amazon Web Services as our infrastructure and security partner in part because of the large number of security certifications they bring to the table. Here are just a few of them.