"Commitment to ensuring confidence of our clients is crucial. Its Security, Compliance and Certainty - over a core of transaction integrity. base2Services proven Security capability delivered for us."Rick Pezzimenti, CIO, Linear Asset Management
Security as a ServiceStarting with a secure baseline
Our clients need to meet various compliance and security expectations. Regulatory regimes include HIPAA, PCI DSS, SOC1/2/3 and some particularly specific to their regulatory/geographic requirements such as gaming or privacy based on their licence rights.
All our clients share some common threads. Security is a key element of business value. Some have a solid handle on security, many turn to base2Services for our proven capacity to help them understand how to use AWS in a secure way. After >300 AWS migrations we have not only delivered on many different Security requirements, we have also developed a deployment methodology that slashes the time and cost of achieving the security result.
Minimizing risk and meeting security/compliance obligations and balancing appropriate cost and time needs to enable the business to protect its and their customer assets.
Here is what you get with our Security Managed Services, all at a fixed monthly fee.
We push all logs to your choice of system, Pagerduty, Slack, Splunk, Sumo or any other logging system. The thresholds and metrics on logs are completely customizable and suited to your business.
Compliance on AWS
PCI Levels 1 to 3, HIPAA, SOC v3 and v1. If your auditors find an issue, we will fix it. Saying that, no auditor has yet found an issue.
By containerizing everything, we ensure that nothing is left to chance. All development, test and production environments use the same baseline and docker containers with the only key difference in the configuration, and that is if there has to be difference
Working closely with your security and development teams to improve the process and performance of your system. Consider us an extension to your team. We're here to bounce ideas off of. Whether its designing, planning, implementing or configuring your system for the cloud, we will give you advice and help you with reviews, guidance, recommendations and enhancements.
We ensure that everything the developers build can be tested and audited. It is only deployed to production when you are ready. We advocate continuous delivery and manage the process for you to get releases out fast and eliminate errors taking complete advantage of ci as code.
Whether you release or we do, it is always auditable and can be rolled back to the previous state
We believe the key to ongoing success and health of a system is to pick up trends early to prevent issues in the first place. We actively monitor and check the health of your system including monitoring of the system, infrastructure, application security, log files and edge services like DNS, black lists and PCI compliance.