The latest and greatest from Sungard AS



Business Continuity

SunGard Article: Defence in Depth

13th February 2013

Did you know that as an ISO 27001-certified company, we offer a menu of security services designed to enhance your resilience? These services, developed in-house or by our carefully selected partners, can be chosen as standalone services or as a package and added to your existing cloud or hosting environment to make it more secure.

Enhanced site resilience
We can deploy global load balancers to split your web hosting across multiple, geographically dispersed
sites so that in the event of a localised site failure of any kind your business doesn’t lose its entire international web presence. Similarly, with Content Distribution Network services, this option can be used to limit the full impact of an outage or attack to one region.

UK, Europe and international connectivity – Internet carrier resilience
Connectivity is the next component. SunGard publicly peers at the LINX (London INternet eXchange) with over 100 networks including BT and Virgin Media for UK connectivity, plus we have Gigabit links into C&W and EasyNet as national carriers, while Cogent, Colt, Level3 and Zayo combine to offer good European and International connectivity. In other words, we ensure there is no single point of failure. We have over 5Gbs of free capacity on these carriers today giving us enough bandwidth to absorb small volumetric attacks, but to guard against a concerted Distributed Denial of Service (DDoS) attack we recommend specific defensive measures are taken (see below).

Distributed denial of service mitigation
The Internet leaves businesses open to attack from all quarters with out-of-country attacks, volume-based attacks and known attack signatures becoming increasingly common occurrences. In the past year alone we have seen indiscriminate attacks against travel companies, government organisations, outsourcers and financial institutions. When the web is a key revenuegenerating source, as it is for many of our customers, then the cost of downtime resulting from a DD oS attack can quickly escalate to six or seven figure sums. SunGard partners with a UK-based specialist to offer this service to protect our customers.

Managed firewall/2 Factor authentication
The basic configuration of a firewall is to block everything and open only the ports necessary to give the required access to and from your network devices (typically servers). SunGard experts work with your in-house team to configure these rules and policies so that they meet your specific business needs while limiting your exposure to risk. In order to gain remote access to your systems securely, we offer a managed 2 Factor Authentication service for your added peace of mind.

External penetration testing
This service simulates an attack from both malicious outsiders and malicious insiders (who have some level of authorised access). The process involves analysis of your web applications, operating systems, web servers and networking equipment for potential vulnerabilities. These could result from poor system configuration, known and unknown hardware or software flaws or operational weaknesses in process or technical countermeasures. We conduct such penetration tests (or ‘pentests’) from the mindset of a potential attacker, attempting to actively exploit any security vulnerabilities and provide you with a full report outlining a range of protective measures that should be taken to reduce the risks to your organisation. We strongly recommend this service before launching a new commercial website and to check it periodically thereafter.

Threat and log management and review
SunGard has partnered with a specialist in Intrusion Detection Services and Log Management Services to perform internal and external vulnerability assessments that are PCI DSS-compliant. The real value from this service comes from a daily review with security experts who advise on how to prevent compliance and security breaches.

Patching and anti-virus
Finally, there is the vital but onerous task of managing servers to ensure they have the latest software releases and anti-virus software. Servers run on millions of lines of Operation System code. With new vulnerabilities in this code being discovered every week, it is crucial to patch vulnerable servers and keep anti-virus signatures up-to-date.

View more informaiton about Managed Hosting Network and Security on the SunGard website