Platform security

Designed for security

The Guni cloud infrastructure is housed in secure data centres, designed to satisfy the requirements of our most security-sensitive customers. The Guni infrastructure has been designed to provide the highest availability while putting strong safeguards in place regarding customer privacy and segregation.

Constantly monitored

The Guni infrastructure is protected by extensive network and security monitoring systems.. In addition, Guni infrastructure components are continuously scanned and tested. The Guni production network is segregated from the Guni corporate network, and access to this network is monitored and reviewed on a daily basis by Guni security managers. The Guni production network is segregated from the Guni corporate network and requires a separate set of credentials for access, consisting of SSH public-key authentication through a bastion host using an MFA token. This access is monitored and reviewed on a daily basis by Guni security managers.

Highly automated

Guni purpose-builds most of our security tools to tailor them for Guni’s unique environment and scale requirements. These security tools are built to provide maximum protection for your data and applications. This means Guni security experts spend less time on routine tasks, and are able to focus more on proactive measures that can increase the security of your Guni Cloud environment.

Highly available

Guni builds its data centers in multiple geographic regions as well as across multiple Availability Zones within each region to offer maximum resiliency against system outages. Guni designs its data centers with significant excess bandwidth connections so that if a major disruption occurs there is sufficient capacity to enable traffic to be load-balanced to the remaining sites, minimizing the impact on you.

Security features

Network security

Guni provides several security capabilities and services to increase privacy and control network access. These include:

• Built-in firewalls allow us to control network access to our server instances and subnets
• Encryption in transit with TLS

De-identify message body

On request, we can de-identify the body of messages to satisfy your strict security and compliance requirements.

Access control

Guni offers you capabilities to define, enforce, and manage user access policies across Guni services. This includes:

• Identity and access management capabilities to define individual user accounts with permissions across Guni resources
• Guni provides native identity and access management integration across many of its services plus API integration with any of your own applications or services.

Monitoring and logging

Guni provides tools and features that enable you to see exactly what’s happening in your Guni environment. This includes:

• Deep visibility into API calls, including who, what, who, and from where calls were made
• Log aggregation options, streamlining investigations and compliance reporting
• Alert notifications when specific events occur or thresholds are exceeded

These tools and features give you the visibility you need to spot issues before they impact the business and allow you to improve security posture, and reduce the risk profile, of your environment.

Guni Compliance

Assurance programs

As a company, we don’t have any major accreditations, however, our data centre vendor (AWS) is accredited with the following assurance programs/standards:

• PCI DSS Level 1
• SOC 1/ ISAE 3402
• SOC 2
• SOC 3
• IRAP (Australia)
• ISO 9001
• ISO 27001
• MTCS Tier 3 Certification
• FERPA
• ITAR
• Section 508 / VPAT
• FedRAMP (SM)
• DIACAP and FISMA
• NIST
• CJIS
• FIPS 140-2
• DoD CSM Levels 1-2, 3-5
• G-Cloud
• IT – Grundschutz
• MPAA
• CSA
• Cyber Essentials Plus
• Regulation 2016/679 of the European Parliament