Your business on the net must be protected from security breaches - both physical and virtual. Safeguarding your applications eliminates loss of business. The impact of an online security breach is far greater than just monetary. It leads to lack of confidence on the part of your customers leading to reduced traffic on your website and lesser returns on your Internet investment.

Sify Hosting, with a world-class team of experts and a comprehensive set of products and services provides your business with tools, techniques, and knowledge that let you enjoy the Internet advantage.

Physical Security

	40 CCTV cameras : Every square inch of the IDC is under surveillance 24x7x365.
	Proximity cards.
	Biometric Scanning.
	Access to various zones is allowed based on a combination of the above two.
	Monitor room : All activities are videotaped on a 24-hour basis to facilitate foot printing in case of breaches.
	Sensors at the periphery and racks : Instant detection of forced access.

Data Security

Basic Security Services

All our customers get the benefit of certain proactive security measures that we practice.

Network Based Intrusion Detection (IDS)

With the help of a Network-based state-of-the-art Intrusion Detection System we keep track of all attempts made to compromise servers/applications hosted at our IDC. Our dedicated security team maintains round the clock vigil.

Firewall

All the servers/applications are placed behind our Next Generation firewall. All access to servers is compulsorily routed through this firewall. Its stringent policies are configured based on the wealth of experience we have acquired in Data Center operations.

Anti-virus

We install anti-virus patches on all Wintel technology based customer assets thereby minimizing compromises due to a virus attack. The onus of upgrading patches from time to time rests on our security team.

DOS

The risk of running into Denial of Service (DOS) while trying to access applications hosted with us is minimized as all traffic from invalid IP addresses is completely blocked.

Advanced Security Services

Managed Firewall Services

Firewall acts as first level of security protecting what is inside and also providing access to the outside world. By enforcing a set of rules and a company’s security policy, the Firewall controls system exposure to the Internet. Complete Firewall services are available for all basic applications. Quite often, there could be a need for multiple firewalls- specific requirements pertaining to specific vendors. This type of a scenario is easily handled by us

Server Hardening

A hardened server, plugging weaknesses in the operating systems and applications, provides the first layer of defense.

Key Advantages

	Reduce opportunities for exploits by removing non-essential services and closing no-dependent unutilized ports
	Raise barriers to exploits by tightening system parameters
	Remove reported vulnerabilities by applying vendor-approved patches that are tested in-house and found relevant to the system

Task List

	Block unused ports
	Disable unused independent services
	Apply individual hot fixes
	Configure security policies for authentication and access control
	Set up encryption in vulnerable channels
	Set auditing on system, application and security logs
	Configuration options to strengthen the server against security weaknesses including weak initial sequence numbers, buffer overflow attacks and other denial of services attacks

Deliverables

	All reported vulnerabilities in the server, operating system and standard applications are patched up thus, preventing known exploits against the server.
	Access control implemented on the files and the system resources are as per the policy of the company.
	Servers run on minimum number of required ports and services are enabled as per the application’s requirements. Unnecessary ports & services are removed from the server.

Incident Handling

In the event of intrusion and compromise of servers, databases or other digital assets of the organization, a quick and reliable method for managing the situation is essential to limit the damage, recover the assets and track the intruder. This service includes the provision of emergency response teams and mature disaster recovery procedure to the clients.

Key Advantages

	Recovering from a compromise, if not handled properly, can lead to further damage to your data and application. A trained incident handling team brings the server back to normalcy with minimal downtime while safeguarding the data and application.
	An Incident is established where there is a presence of malicious code or ‘backdoors’ in the system, which could lead to future exploits. The Incident Handling Service removes all vestiges of a compromise, including hidden programs in the system.

Task List

	Actions to prioritize evidence retention, system recovery and cause identification when an incident occurs.
	Processes to control and limit the extent of damage due to an incident.
	Provide assistance in identifying whether an intrusion has occurred and if it was intentional. Maintenance of a secure and provable chain of custody

Deliverables

	A clean server with all applications performing as they were before the incident
	Document detailing the cause of incident and its extent of damage to the system
	Forensic analysis to detect the source of the incident

Penetration Testing

Our highly trained team leverages its expertise, Industry Standards and custom built tools to offer high-end penetration testing service capable of detecting even very remote vulnerabilities of the target system.

Key Advantages

	Provides a hacker’s eye view of the server, in terms of the ways it can be hacked from outside.
	Recommends steps to be taken for guarding against the vulnerabilities found during the test.

Task List

We use a wide range of Industry Standard scanning and attack tools in addition to our proprietary packet crafting tools to assess the security of a server. While there is considerable overlap in the functionality of many commonly available tools, Sify reserves the right to choose the appropriate tools and methodologies depending on the requirements.

It is to be noted that the quality of a ‘pen’ test is more than just the sum total of the tools used : our highly skilled security professional is able to glean much more information about the network using these tools in tandem, than just what an individual tool reports.

Deliverables

Pen test report will contain the following :

	Details of security and vulnerabilities discovered
	Description/demonstration of successful exploits
	Emergency quick fix solution against such exploits
	Long term solution against demonstrated exploits
	Additional security warnings
	Overall site security summary

Patch Testing and Application

Patches will be applied to the reported vulnerabilities in the operating system, servers and standard applications, so that intruders cannot exploit them to take control of the machine. All patches will be tested to check their effect on the performance of the servers.

Need :

	New vulnerabilities appear regularly, providing attackers the chance to hack into the system. A server needs to be continuously protected against all developing vulnerabilities.
	Keeping track of vulnerabilities and patches can be difficult for an in-house team. When servers are collocated at our Data Centers or when customers sign up for RMS. We offer complete Penetration Testing facilities and Updating services.

Methodology :

	Mirror the operating system and applications of the server.
	Track vulnerabilities and patches relevant to the operating system and application.
	Test vendor released patches for performance and service dependency on the mirrored server.
	Apply tested patches on the live server.

Deliverables :

	All vendor approved patches that do not hamper the performance of the server will be applied at an agreed upon periodicity.
	Periodic report on the server status, detailing the vulnerabilities closed and those that are left open due to performance impact.

Vulnerability Assessment

Scope

Vulnerability Assessment (VA) is carried out for a server or group of servers in a network.

Tasks

The server is studied over a period of 2 days. The following tasks need to be performed :

	Server enumeration, detailing all the services and applications running
	Map services and port dependencies of applications
	Running automated tools for vulnerability detection
	Verifying accuracy of tool results by manual checks
	Testing special applications for error conditions
	Analyzing O/S configuration and application settings
	Analyzing file permissions and access listing for secure operation
	Verifying adequacy of auditing and logging mechanism
	Studying authentication mechanisms of applications for weaknesses
	Studying administrative practices

Deliverables :

A report containing :

	Comprehensive list of vulnerabilities in Operating System and applications
	Weaknesses in configuration and settings that can lead to failure
	Weakness in implementation of access and sharing policy on server that can lead to disclosure of confidential information
	Unsafe practices and processes for administration of server
	Strengthening security measures

Fort Knox

Fort Knox - a SLA-backed security services package to protect applications and servers has won the satisfaction of a number of discerning customers. You too can benefit from the frequency-bound, SLA-driven service to fall back upon. This unique security package brings together four proactive services that ensure that your server is comprehensively secure from a variety of security threats.

OS / Server Hardening

	Patches applied to reported vulnerabilities on the server, operating system and standard applications
	ACLs implemented on files and system resources as per the policy of the company
	Assessment and verification of servers running on appropriate ports and services as per application requirements for greater efficiency and management

Penetration Testing

	Details of vulnerabilities discovered and rectified
	Description and solutions against hacking exploits
	Weakness in implementation of access and sharing policy on server that can lead to disclosure of confidential information
	Customized security settings
	Overall site and application security

Vulnerability Analysis

	Providing comprehensive list of vulnerabilities in the OS and Applications
	Removing weaknesses in configuration and settings that can lead to failure
	Identifying loopholes in implementation of access and sharing policies on Server
	Identifying unsafe practices and processes for administration of servers

Patch Testing and Application

	Vendor approved patches which do not hamper performance of the server are applied
	Periodic report on server status detailing vulnerabilities closed and those left open due to performance fluctuations
	Maintaining comprehensive record on patch application and updates