The level of redundancy provided will be limited by the architecture of applications deployed into a Cloudland stack.

At the physical layer Cloudland DaaS is deployed across highly available compute (Dell PowerEdge) and storage nodes (IBM StorWize Active/Active Fibre Channel storage systems) VMware high availability deployed.

At a logical layer, client software components can be architected with features such as SQL server mirroring, clustering or replication. Multiple front end virtual Desktop and application delivery servers and Global Server Load Balancing via Citrix NetScaler.

Architecture can be flexible but will come down to time and cost constraints.

Regular hot-backups and instant offsite replication + warm standby servers in separate DC are available.

Custom RPO and RTO’s available.

https://www.hd.net.nz/our_network

External and internal firewalls in place to protect network and systems.

Highly sensitive systems with physical VLAN/firewall segregation.

Sophos UTM platform performing constant web and email threat analysis, multiple patterns in use with Sandboxing technology.

Multiple publishing/delivery options available to expose internal systems to the internet from Sophos UTM reverse publishing through to Citrix NetScaler with 2Factor auth.

Defence in depth with different AV product deployed across server fleets (Trend).

Automated alerting across failed authentication attempts.

DOS attack prevention / mitigation systems in place – multiple carrier paths

Clients can control 3rd party access via YourPortal with account expiration options set.

No standard users in Cloudland DaaS have elevated rights

Mandatory monthly patching across all hosted services with 0 day critical exploits patched with prearranged outage windows

Cloudland internet facing systems tested with Qualys toolsets (exploits and patches) – this is customisable per client and clients can leverage their own providers for this if required

Cloudland can work external security firms on a range of custom tests or external consultants

Core Cloudland platform changes handled via internal ITSM toolsets and processes. Impact analysis and peer review performed across all changes.

Up to our clients as to how strict they want their own systems managed in regards to change management

Connections, disconnections, reconnections all logged and reported on for access into Cloudland DaaS

Retained for 12 months, tamper proof logging

Custom logging available and dependant on systems the client deploys into Cloudland

Least rights required model employed across Cloudland services

Complex passwords and 2Factor authentication

User provision and de-provisioning automated workflows used

We do not collect privacy information, only basic information required to deliver the DaaS service

Client systems deployed into Cloudland would be governed by client policies & procedures / information management policy

Retention and destruction customisable to client requirements

Security mesh, reinforced door frames, walls & ceilings at all entry points

Man-trap entry, monitored proximity card access & personnel control

24x7x365 Video surveillance & remote monitoring throughout

Dual path 24/7/365 monitored alarm & glass break

Monitored VESDA (very early smoke detection apparatus) system with 3-stage alarms

In-house carbon dioxide extinguishers

1.28 PUE Certification

Only Cloudland management allowed access into Cloudland racks

https://www.hd.net.nz/our_datacentre

Cloudland is a niche provider with a small team aiming to deliver maximum value to small/medium businesses

Our key people have an extensive background in public health sector and understand info sec, policy and governance and ensure our clients interests are served well.