SECURITY AND COMPLIANCE

Rest assured – your data is safe!

 

Muusa has developed an elaborate and multi-layered architecture that integrates best-of-breed technology with meticulous organizational processes for online service security.

Logz.io is SOC2 Type 2 and PCI Level 1 compliant, HIPAA ready, ISO27001 certified, and GDPR ready.

How Muusa Secures Customer Log Data

Confidence is needed when relying on third-party vendors to manage and handle online data and log files securely. Therefore, the need exists for a solution that protects the integrity of your data, in its entirety, around the clock.

 

Built by enterprise security veterans hailing from firewall innovator Check Point Software, Muusa goes above and beyond to support and protect its customers’ secure environments with log management and analysis.

 

First, Muusa culture and internal development, operations, and DevOps processes themselves have been constructed to provide maximum data security.

Second, from network and cloud instance logical security to physical data center security, the company is able to secure services, data, and access.

 

Finally, we have implemented six technical and organizational measures to ensure an appropriate level of security, taking into account the nature, scope, context and purpose of the processing. Logz.io successfully completed the Service Organization Controls (SOC 2) certification audited by E&Y, making the company the only cloud enterprise ELK provider to reach that compliance standard.

 

Muusa has taken the ELK Stack, the world’s most popular open source log analytics platform, and for the first time enabled enterprises to leverage it in a strategic way by offering enterprise-grade features and completing the necessary compliance certifications

Muusa Security Measures

01

Internal R&D Processes

Security-oriented environments start with high coding standards that guard against attempted security breaches and are accompanied by rigorous code reviews and tests. Muusa employs strict development processes and coding standards to ensure that both adhere to best industry security practices. In addition, the company’s testing platform performs a set of various black box and white box tests for quality assurance (including ongoing penetration tests). R&D processes are implemented and supported with security as a top priority across all system layers, from the physical layers up to the application layer.

02

Physical Data Center Security

Muusa relies on the Amazon and Microsoft cloud’s exceptionally flexible and secure cloud infrastructure to store data logically across multiple AWS and Azure cloud regions and availability zones. AWS and Azure make abiding by industry and government requirements simple and ensures the utmost in data security and protection. For example, AWS infrastructure aligns with IT security best practices and follows a number of compliance standards such as:

  • SOC 1/SSAE
  • 16/ISAE 3402(formerly SAS 70 Type II)
  • HIPAA
  • SOC 2
  • SOC 3
  • FISMA
  • DIACAP
  • FedRAMP
  •  

All data centers that run Muusa platform are secured and monitored 24/7, and physical access to both AWS and Azure facilities are strictly limited to select internal cloud staff.

03

Instance and Network Security

Every microservice runs inside a well-defined Docker container that allows specific levels of access to select controllers. Muusa uses Docker to avoid erroneous instance-configuration changes, upgrades, and corruption that are common sources of security breaches. Additionally, Muusa hardens docker images running within containers to enable various network access controls.

Muusa takes necessary precautions to ensure that every layer involved in data transfer is secured by best-of-breed technologies. The company’s network is segmented using AWS/Azure security groups and additional custom measures. In addition, the Company monitors security alerts that are analyzed and addressed in real-time. Through in-depth network monitoring, Logz.io is able to detect anomalies and take a proactive approach to eliminate potential breaches.

04

Customer Data Security

Muusa secures each and every step of the data funnel. Muusa dedicates logical segments of the data stores for each individual customer’s data logs, ensuring full data-segregation. Data is tagged, segregated, and tunneled through the Company’s data-ingestion system. They mark each specific piece of given customer data according to its associated organization, which is associated with that data throughout its life cycle. When data is in transit in Company’s ingestion pipeline, it is marked with specific information, including its associated customer, so that it can only be accessed by that customer. The Company supports TLS v1.2 encryption for data in transit over the internet, so customers can securely upload their data to the Company cloud and securely browse through their own Company console. Cold data is encrypted and hosted in separate Simple Storage Service (S3) buckets, which are secured via durable AES 256-bit encryption.

05

Access Management

Muusa supports role-based access through their interface, allowing end users to be defined as admins or users as well as suspended or deleted. Customers’ account administrators manage and control user access, including provisioning new end users with a defined access level.

06

Auditing

To verify adherence with compliance policies, Logz.io uses 3rd-party auditing services. E&Y, one of the “Big Four” auditing firms, performs periodic and comprehensive auditing to audit and validate processes.