How We Keep Your Manufacturing Data Secure in the CloudCloud Security
We hear from manufacturing businesses that they are still nervous about their data in the cloud. While we believe there is plenty of evidence that our cloud is secure, we also believe this concern is justified. You deal with sensitive data about your business all the time. If you are moving your operations to the cloud, you want to make sure that data is going to be safe. An important thing to remember is: we do too.
Our core business is making sure that your data is not only accessible to those who need it, but also that it is secure. If we didn’t do this, we’d be out of business. That’s why data protection and privacy are paramount at Plex. Here are five ways we keep your data safe in the cloud:
- Complex Layered Security
Starting with our data centers: the advanced, purpose-built design of each facility is constructed to withstand disasters and other physical attacks. Our data centers are protected and monitored 24/7/365 by third-party surveillance and require two-factor biometric and keycard access to reach our equipment. All equipment is accessed and maintained by Plex personnel exclusively. On top of all of this, customer data is encrypted while at rest with FIPS-compliant ciphersuites.
- Threat Prevention
Much like you plan to mitigate risks to your business or your supply chain, we also plan to mitigate threats to our systems. Best-in-class firewalls enable us to classify and inspect all traffic and assign comprehensive and precise security policies. Endpoint protection across our environments block malware, exploits, and zero-day threats. We also ensure that our customers can reach their data, even while under attack, with best-in-class distributed denial of service (DDoS) protection.
- Security Policies and Procedures
Plex maintains detailed policies and procedures covering our security environment that are routinely updated to reflect current best practices and threats. We contract with multiple dedicated security firms to ensure that we remain ahead of the curve in terms of our security posture and approach, including incident response plans and staff augmentation in the event of a major security issue. We also rigidly follow Center for Internet Security benchmark standards.
Testing is a major part of our security practices. We conduct third-party application vulnerability testing on a daily basis, comprehensive quarterly automated vulnerability testing, and biannual third-party manual network and application penetration testing. It’s also worth noting that prospects and customers often put Plex to the test. During its Plex evaluation, for example, one prospect hired a former CIA IT expert to try to hack into the Plex Manufacturing Cloud. The effort failed.
- Third-Party Auditing
We can tell you all day long how secure our data centers are but validation from third parties is much more compelling. We conduct annual audits resulting in SOC 1 (previously known as SSAE 16) and SOC 2 reports that validate proper processes for financial reporting as well as security, availability, and processing integrity. These audits provide further evidence that our security policies are at or above industry standards.
After explaining all of this to the customers and prospects I talk to, I often ask them if they can provide this level of security on their own. I find that once they realize how seriously we take security here to at Plex, their worries will often fall by the wayside.
For more details to share with your colleagues on Plex Cloud Operations, download the data sheet.