Sutherland places great emphasis on enforcing internal access management policies
and standards to ensure the security of our services and customer data. We employ
various mechanisms and controls to maintain strict control over network access.
To protect against unauthorized access and control traffic, we implement an
intermediate untrusted zone between the internet and our internal network. This zone
acts as a security mechanism, effectively restricting access to authorized personnel
and preventing unauthorized traffic.
Our network architecture follows a layered approach to network segregation. Public
subnets act as a shield, preventing direct internet access to internal private subnets
where sensitive data and information assets are deployed. Access to these assets
is strictly controlled and limited to select authorized hosts. Network layer access
control lists (ACLs), virtual private cloud (VPC) routing, and firewall rules are utilized
to enforce these access restrictions.
Within the private subnets, lateral propagation is also restricted based on specific
business needs. This further enhances the security of our network by minimizing
the potential spread of threats or unauthorized access within our internal environment.
We strictly control access to sensitive networks on a need-to-know basis. Backend
privileged administrators are required to connect to bastion hosts as the initial layer
of access. This connection is secured using device certificates, multi-factor
authentication, and proxies or virtual private networks (VPNs).
Audit control
Sutherland Robility has implemented a robust security monitoring and detection system
to ensure the safety and integrity of our environment. We have deployed multiple layers
of security log, event, and threat monitoring to provide comprehensive coverage.
Our monitoring system includes logging and analysis of various components within the
environment, including such as public cloud platform logs, audit trail and control plane logs,
IAM (Identity and Access Management) logs, endpoint and container security logs,
operating system logs, and other relevant third-party security logs. These logs are
aggregated, correlated, and continuously monitored to detect any security incidents
or suspicious activities.
Our security operations team utilizes advanced monitoring techniques to establish
baselines for performance and behavior. This enables us to automatically detect any
deviations or anomalies that may indicate unauthorized access or malicious behavior.
If an anomaly is detected, our team promptly investigates the issue and takes appropriate
actions, including the removal of any compromised container services, if necessary, to
maintain the security and integrity of the environment.
We are committed to maintaining a proactive and vigilant security posture to safeguard
our systems and protect our customers' data. By continuously monitoring and detecting
potential threats, we can quickly respond to any security incidents and mitigate risks
effectively.
Incident Response
Sutherland Robility places great importance on incident response and has established
a comprehensive program to address security and safety incidents that may affect our
managed networks, systems, or customer data.
Our incident response program follows a structured approach, encompassing analysis,
containment, eradication, and recovery phases. When an incident is detected or reported,
our dedicated incident response team promptly initiates the necessary actions to address
the situation effectively.
The analysis phase involves gathering relevant information about the incident, conducting
investigations, and determining the scope and impact of the incident. This helps us assess
the severity and take appropriate measures.
Once the incident is analyzed, our team focuses on containment, which involves isolating
the affected systems or networks to prevent further spread of the incident. We implement
controls and security measures to mitigate the impact and limit any potential damage.
Eradication involves the thorough removal and eradication of any malicious entities or
activities from the affected systems or networks. Our team utilizes advanced security
tools, techniques, and best practices to ensure a complete eradication of the incident.
The recovery phase focuses on restoring the affected systems or networks to their normal
operation. We have robust backup and disaster recovery mechanisms in place to facilitate
the restoration process efficiently and minimize any potential downtime.
Throughout the incident response process, our team maintains clear communication
channels to provide timely updates to relevant stakeholders, including customers, and to
ensure transparency and collaboration in resolving the incident.
By maintaining a well-defined incident response program, we are prepared to handle
security incidents swiftly and effectively, minimizing the impact on our managed networks,
systems, and customer data.
Incident Notification
Sutherland takes data security and privacy seriously, and in the event that we determine
a security incident has occurred that may impact customer data under our control, we
will follow all applicable laws and regulations regarding data breach notifications.
Our priority is to notify affected customers promptly and transparently about the incident,
the nature of the data that may have been compromised, and any recommended actions
they should take to protect their interests. We understand the importance of timely
communication to enable customers to respond appropriately and mitigate any potential
risks or damage.
The specific notification process will vary depending on the jurisdiction and the
requirements imposed by relevant data protection and privacy laws. We will adhere to
these legal obligations and provide the necessary notifications within the specified
timeframes.
Our commitment to data security extends to working closely with customers during such
incidents, providing support and guidance throughout the resolution process. We aim to
maintain open lines of communication and cooperation to address any concerns or
questions that customers may have.
Sutherland Robility strives to uphold the highest standards of data security and
confidentiality. We continuously assess and enhance our security measures to mitigate
risks and protect customer data from unauthorized access, disclosure, or misuse.