Information Security

A part of the service lifecycle from the very beginning

Protect

Vulnerability Scan for Web sites
Vulnerability Assessment for application sites
Multi-Layer DDoS protection with Mitigation
Web Application Firewall (WAF) with add-on scanning

Detect

Multi-Layer DDoS protection with mitigation
Intrusion Detection System (IDS) – Standard or Enterprise
Security Information and Event Management (SIEM)

Comply

SOC 2
ISAE 3402
PCI DSS – standard or enterprise
Multi Factor Authentication (MFA)
Hardware security Module (HSM)

Respond

BF SIRT
Customer Team
Security operations
Security Monitoring Partner

Basefarm DDoS Protection

Continuous monitoring
To ensure that early signals of an incoming DoS attack is detected.
Fast handling
Our advanced system verifies the data packets that are addressed to the service to create damage and sends them on to our advanced management systems.

Mitigation:
Our Anti DoS systems analyzes and filters the malicious traffic from legitimate traffic, such as customer requests and thus ensuring that the malicious traffic does not affect the availability of the service.
Traffic management:
Our systems will not interrupt the real traffic, but ensuring that legitimate transactions continually reach your services, which maintain business continuity.

Our emphasis on security

Security is not a component, but something that must permeate all parts around an IT service. We ensure that security is taken into consideration in every step of the service delivery. We believe that security is key to our customers, and we continuously work to improve the security of our customer solutions from both a vulnerability and operational perspective.

Secure operations

Optimal secure solution
Our pre-sales engineers first examine your specific needs as a customer, and create an architecture that will meet your requirements.
Accountability
We are responsible for the operation of your mission critical applications so that you meet both business and legal requirements.
Local physical security
We place our cloud infrastructure in our own secure data centers.

Fast action
We keep you informed, in real time, if a security incidents should strike that affects your environment.
Preventive approach
We implement preventive measures to protect against future threats, in order for you to focus on your work.

PayEx needed to design, build and run their state of the art Nordic payment solution catering robustness, flexibility and cost efficiency. The platform needed to be PCI DSS compliant as it exchanges, processes and stores huge amounts of card data and financial information. The solution is mission critical and margins and reputation are built over time, by delivering payment services with high quality, competence and value. They needed a secure and stable environment and a partner with solid systems for operations and interaction, as well as an “advisor” regarding technology.

Basefarm designed the platform in close collaboration with PayEx. Since the PCI solution went live in the summer of 2011, it has now passed 300 million transactions with excellent performance, peaking at around 1.3 million transactions per day. PayEx use Basefarm actively and proactively in decision-making regarding the environment and other challenges related to technology.