Question: What hosting options are available?
Our Knox-grade offering is only available with AWS-based hosting as we utilise several AWS-services and other cloud-services. For our standard offering we also can host on our own servers which are deployed in Equinix and GlobalSwitch data centers. We can also support your IT team to self-host your Polonious environment.
Question: What Operating System options are available?
Question: What EC2 instancy types do you use?
The EC2 and RDS instances are sized according to your needs based on number of system users.
Question: What data import options are available within Polonious?
Question: Do you have a Data Migration tool to import data from legacy systems?
Question: What SSO Integration do you support?
Question: Is Application Server High Availability included in your offering?
Question: Do you actively monitor system availability?
Question: What DR processes are included in the offering?
Our DR drill involves setting up replacement EC2 and RDS instances, recovering the RDS DB to an agreed point in time (according to RPO), and connecting the new EC2 instance to the recovered RDS instance as well as to the S3 document store. We then verify that the instance is accessible and perform standard operations including checking case and case data availability within the system. A dedicated client contact can be involved in the DR drill if this is desired and perform their own verifications. This process usually takes up to one day. If additional tests by the client are requested this can result in a longer DR drill, and needs to be quoted on, otherwise this will be charged at our agreed standard hourly rate.
Question: What Data Backups are there for the document store?
Amazon S3 is designed to provide 99.999999999% durability of objects over a given year. This durability level corresponds to an average annual expected loss of 0.000000001% of objects. For example, if you store 10,000,000 objects with Amazon S3, you can on average expect to incur a loss of a single object once every 10,000 years. In addition, Amazon S3 Standard, S3 Standard-IA, and S3 Glacier are all designed to sustain data in the event of an entire S3 Availability Zone loss.
Our default offering utilises the highly redundant S3 service to store your documents. If you would like us to configure copies to be sent to Amazon Glacier, this can be set up at an additional cost.
Question: What Data Backups what is the backup retention?
Question: What are the ongoing storage cost increases, what comes with the base offering?
Question: What test environments are included for Data load testing, Ref data and Migrations?
Question: What does Polonious provide for SLA Reporting?
Question: What Supplier Contingency options are available?
There are various ways of mitigating such scenarios and to make sure that all data is still accessible and that the services can be resumed by the client without any involvement of Polonious.
One such solution which Polonious has implemented in the past is to copy all backups (including RDS database backups, document backups, and EC2 instance snapshots) over to a client controlled AWS account using AWS Pipeline. Polonious does not have permission to access this account other than the permission to add data backups. This optional set up is not included in our standard AW-based subscription.
Question: Does Polonious have any Data Breach reporting/notifications in place?
Question: Do you perform regular penetration tests?
Question: What are your security patching processes?
Question: Do you follow security best-practice in your SDLC?
Question: Does Polonious have SOC 2 certification?
Question: Where is my data stored?
E.g. if you are a Australian client we will store your data in AWS availability zone:
Asia Pacific (Sydney) Region
If you are a US client you can choose from one of the below Availability Zones:
US East (Northern Virginia) Region
US East (Ohio) Region
US West (Oregon) Region
US West (Northern California) Region
We can deploy your services in any of the AWS regions listed here:
Question: What data does SIEM process and do they store my data?
Polonious has several SIEM sensors and we always use a sensor which is hosted in the same jurisdiction as your hosted services. No client specific data is sent to our SIEM provider, only system events and network events. For further details read on below.
We use SIEM agents in all supported AWS services including EC2, RDS, S3, IAM, VPN. Those AlientVault agents send relevant system events to the sensor for collection. Below is a subset of events that are analysed:
- CloudFlare access logs
- VPN access logs
- Amazon VPC Flow Logs - this is the network traffic, it records which IP accessed which resources including timestamp
- CloudTrail logs - audit log for all actions taken with the Amazon API, either through the web UI, the CLI, or an SDK, this includes IAM changes, security group changes etc.
- S3 access logs - who is accessing the file data, and what actions are being taken
- RDS access logs - who is accessing the database and when
- EC2 logs:
- Linux Auth Logs - sudo, login etc
- OSQuery-Logs - changes for users, file, listening ports, cron jobs, kernal modules, processes, open network connections
- Linux Audit Logs - Linux auditd logs, e.g. file changes, user changes, sudo, hostname change, time changes
- clamav Logs - Anti-Virus scanning logs
The sensor forwards all those logged events to our SIEM provider which processes them and correlates to rules based on their threat database. Polonious staff get notified and react to any detected threats.
The raw log events are kept for 12 month.
Below link shows all Knox-compatible regions: https://docs.aws.amazon.com/general/latest/gr/rande.html
Question: I don't see my question answered here. What now?
Just get in touch via our bot or our contact form and we are happy to assist.