Security is our top priority
Built-in Security Features
Customer access points, also called API endpoints, allow secure HTTP access (HTTPS) so that you can establish secure communication sessions with your Cloud-A services using SSL/TLS.
You can control how accessible your instances are by configuring built-in firewall rules – from totally public to completely private, or somewhere in between. And when your instances reside within a Virtual Private Cloud (VPC) network, you can control egress as well as ingress.
The Cloud-A Virtual Private Cloud (VPC) service allows you to add another layer of network security to your instances by creating private subnets and even adding an IPsec VPN tunnel between your home network and your Cloud A VPC.
Centralized key management
For customers who use encryption extensively and require strict control of their keys, we offer a convenient management option for creating and administering the keys used to encrypt your data, or access your servers.
Sharing the Security Responsibility
For IaaS services like Cloud-A compute instances and Swift bulk object storage, you have more control and therefore more configuration work to do. For compute instances, you’re responsible for patching the guest OS on the instances as well as any software you install on them, configuring the security group (firewall) that allows outside access to your instances, and setting up any VPC subnets that the instances reside within, etc. For Swift bulk object storage, you must set the access control policies for each of your storage buckets, set up encryption options for the stored data, and specify backup and archiving preferences.