Illustration castle

Security
at the core

Security profiles ranging from basic security to PCI DSS or HDS compliance.

Tune your security profile to your needs

GDPR compliance made easy

Turnkey advanced security features:

  • Secrets management
  • Automatic credentials rotations
  • Ciphering, …
Illustration Security Image Keys

Help developers deal with security concerns

Dealing with security is a full-time job, and requires strong expertise. SquareScale provides fully-configured infrastructures and tools so developers can focus on developing features.

TLS encryption between services

Encrypted environment variables

Turnkey integrated Vault to safely store credentials

Never store passwords in clear text

API providing application-level security tools

Illustration Vault box opened

Store your credentials safely

Whichever the IaaS provider(s) you choose, SquareScale never has access to your credentials. A token is generated with your credentials and securely stored into your Vault.

Illustration crane and building

The best choices are made for you so that you can focus on building great apps

Developers are under pressure to meet deadlines. They hardly have time and resources to invest in security, despite its critical importance.

To prevent developers from setting up architectures the wrong way, SquareScale does the job for you and you can therefore spend time creating value instead.

Define the security profile your infrastructure really needs

In today’s connected world, security is a topic which can’t be avoided and should be dealt with. But each application is specific. Most startups don’t need to comply with high demanding certification standards, but still need to take care of security.

SquareScale allows you to define the security profile which is the best fit for your constraints regardless of whether you must comply with certifications rules or not.

Profiles can also be fined-tuned for your specific case:

Logo Shield

Basic Security

Turnkey security profiles with no heavy process for companies with no strong certifications constraints.

Logo Anssi

SecNumCloud

Certification required for companies considered by French government as « strategic-critical operators ».

Logo Payment

PCI DSS

Certification required for companies storing payment cards data.

Logo Cross

HDS

French certification required for companies dealing with healthcare data.

Logo EU

GDPR

European regulation providing strong requirements when storing personal data.

Compare security profiles

_
Basic Security
HDS
PCI DSS
GPDR
SecNum Cloud
Encrypted environment variables
yes
yes
yes
no
no
Fully configured dedicated Vault (Hashicorp) available for developers
yes
yes
yes
yes
yes
Encrypted filesystems (nodes + databases)
no
yes
yes
yes
yes
Subnet control, fully configured service mesh (Consul Connect) and flow map
yes
yes
yes
yes
yes
Ciphering: TLS encryption between internal services
yes
yes
yes
yes
yes
Private VPC
yes
yes
yes
yes
yes
HDS Policies
_
yes
_
_
_
CMDB: Download up-to-date documentation about deployed asset
no
yes
no
no
no
ACL: deny by default on internal components. Only justifiable access allowed
no
yes
yes
no
yes
Backup & Restore management
yes
yes
yes
yes
yes
Applications deployment logs
no
yes
yes
no
no
Detailed network infrastructure documentation and schema (type / capacity)
no
yes
yes
no
yes
Incident management
_
yes
yes
_
yes
Activity continuity
yes
yes
yes
_
yes
Documentation & certification materials
_
yes
yes
_
yes
Traceability, changelogs, reports of all actions done, PAN scan
no
no
yes
yes
yes
I/O control: DLP, WAF
no
no
yes
no
no
Access Control: 2FA authentication, default expiration date
no
no
yes
no
yes
Log Anonymisation + anonymisation tool for developers
no
no
no
yes
yes
User Content Control: data ownership + data control modules for developers
no
no
no
yes
yes
Data expiration: help developers to set expiration dates on statically stored data
no
no
no
yes
yes

Connect with our passionate team to get your early access

Icon SquareScale

Contact

Get in touch