Data center and infrastructure in Switzerland
SwissInfoCloud is a system of storage and administration of confidential information. The storage of information is organised on servers located in Switzerland that is considered to be one of the world’s most reliable jurisdictions for storage of information, owing to its political neutrality, economic and social stability, and the legal framework regulating information security and preserving the private interests of clients.
The physical attributes of the data center are in accordance with strict security requirements. They include: electronic control for all doors, internal and external surveillance cameras, entrance for authorized registered persons only, and fire protection, including heat detectors that ensure early detection, fire-resistant materials and automatic firefighting systems.
The SwissInfoCloud data center meets the highest quality standards and is equipped with servers manufactured by IBM, one of the world’s leading manufacturers of server solutions for business. The data is stored on high-speed SAS drives in RAID arrays. The data center is equipped with modern ventilation systems, air conditioning, fire control and 24-hour security in accordance with international standard ISO 270001.
Clusters of servers, disk arrays and network equipment are connected to an uninterrupted power supply (UPS). Batteries allow for the operation of the data center for several hours. In case of a longer power cut in the data centre, a high-power diesel generator, included in the infrastructure of the data center, provides electrical power to the data center as long as necessary. It takes only a few minutes to start the diesel generator.
To protect against any accidental or intentional damage of the data, regular backups are made. Backups are regularly encrypted and sent to be archived outside the data centre.
SwissInfoCloud uses the "cloud server" that is a virtual machine running on a cluster of high-performance servers in order to achieve the highest level of availability and protection against failures. Server clusters run under the Microsoft operating system. The use of fault-tolerant clusters eliminates single failure points and brings redundancy into the system. There is no operating downtime caused by server hardware failure.
Access to virtual servers is via the internet. Network devices and data exchange channels are also duplicated. Therefore there is no denial of service due to accident or the failure of any equipment or operators.
One of the main means of ensuring security in SwissInfoCloud is encryption of all data. All data received by or sent from the SF (server field) is encrypted using block encryption symmetric algorithms (AES and 3DES), with a 128/256 bit key, using the SSL or IPsecVPN protocol, that makes it impossible to decrypt the intercepted data in an acceptable period of time. All traffic passes through the safe network firewall and Security Gateways, which are a complex of hardware and software means that monitor and filter network packets passing through it in accordance with prescribed rules.
One of the most important aspects of information security is the procedure for accessing the remote computer. For this purpose SwissInfoCloud uses a "two-factor authentication system" RSA SecurID. From a functional point of view, this is a random number generator that generates a one-time passcode, once a minute, on the basis of readings from the built-in timer and the counter’s initial value, unique for each authenticator.
If sensitive information should fall into the wrong hands, you can use the SwissInfoCloud system Panic Button, which automatically blocks access to information.
Personal data protection
That is because it is precisely advertisements which are a source of profits for many major operators in the IT services market. The business model is the following:
- Produce a great product;
- Offer it free of charge to many users;
- Sell advertising, as well as the shares, to the market leader on the stock exchange.
SwissInfoCloud does not earn on advertising and does not offer services to millions of users. Our services are designed for businesses. Confidentiality and reliability are important for businesses, and they are willing to pay to ensure they are maintained.
We apply very rigorous privacy policies for the complete protection of our clients' personal information. Unlike many other companies, who use clients’ data for purposes of marketing or improvement of services, we do not use or analyze our clients' data in any way.