Secure Cloud Infrastructures
Your secure dedicated Cloud Native Infrastructure.
SquareScale is the first infrastructure orchestrator which can deploy/manage ready-for-production infrastructures in minutes, with a focus on security.
Setting up a Cloud Native cluster with a full DevOps stack is a difficult job. Taking care of security constraints is much more demanding. SquareScale gets the job done for you.
Security at the core.
Help developers deal with security concerns.
Dealing with security is a full-time job, and needs expertise. SquareScale provides a fully-configured infrastructure and tools so developers can focus on developing features.
- TLS encryption everywhere between services
- Encrypted Environment variables
- Turnkey integrated Vault to store credentials safely
- Never store cleartext passwords
- API providing application-level security tools
Store your credentials
Whichever the IaaS provider(s) you choose, SquareScale never has access to your credentials. A token is generated with your credentials and safely stored into your vault.
Define the security profile your infrastructure really needs.
In today connected world, security is an unavoidable topic to be dealth with. But each application is specific. Most startups don’t need to comply with high demanding certification standards, but still needs to take care of security. SquareScale allows you to define the security profile fitting most with your constraints, ranging from basic security to PCI DSS infrastructures.
Profiles can also be fine-tuned for your specific case.
Turnkey security profiles with no heavy process for companies with no certifications constraints.
French certification required for companies dealing with healthcare data.
Certification required for companies storing payment cards data.
European regulation providing strong requirements when storing personal data.
Compare security profiles.
|Basic Security||HDS||PCI DSS||GPDR|
|Encrypted environment variables|
|Fully configured Dedicated Vault (Hashicorp) available for developers|
|Encrypted filesystems (nodes + databases)|
|Subnet control, Fully configured service mesh (Consul Connect) and flow map|
|Ciphering: TLS encryption between internal services|
|CMDB: Download up-to-date documentation about deployed asset
|ACL: deny by default on internal components. Only justifiable access allowed|
|Backup & Restore management|
|Apps deployment logs|
|Detailed network infrastructure documentation and schema (type / capacity)|
|Documentation & certification materials|
|Traceability, Changelog, report of all actions done, PAN Scan|
|I/O control: DLP, WAF|
|Access Control: 2FA Authentication, Default expiration date|
|Log Anonymisation + anonymisation tool for developers|
|User Content Control: data ownership + data control modules for developers|
|Data expiration: Help developers establish expiration dates on statically stored data|