
Opsani’s Security Protocols

A Comprehensive Look at Opsani’s Security

Opsani is the leading provider of autonomous Cloud Optimization (CO) technology, enabling businesses to optimize applications and services for performance and cost savings.

Optimization requires interaction with customer systems to gather measurements from metrics systems and perform adjustments through interactions with orchestration systems. Opsani technologies and business practices have been specifically designed to enable optimization with the least amount of risk from a security standpoint. To safeguard the data of our customers and partners, all Opsani personnel, software, and infrastructure adhere to the latest security best practices and fully comply with corporate policies.

This document details Opsani’s security policies and processes. It is intended to provide transparency into the product and organizational architecture that supports Opsani’s position as the leading provider of Cloud Optimization technology.

Product Security

The Opsani product and engineering teams are dedicated to delivering robust performance solutions that are second to none when it comes to security. To get there, we adhere to the following principles when designing and building our products:

Secure by Design

Opsani engineers believe in a holistic, architectural approach to security, using defense-in-depth techniques to provide redundant controls. This approach includes:

  • Security sections in the product and engineering specifications that precede implementation.
  • Internal security reviews ahead of product launches.
  • Regular third-party penetration testing.
  • Ongoing traffic and infrastructure forensics scanning and introspection.
  • Automated test suites focused on security.
  • Development tooling and environments that are secure by default and design.
  • Training materials for engineers covering topics such as cryptography and secure coding.
  • Utilization of safe, managed programming languages whenever possible to guard against buffer overruns.

Federated Authentication

Opsani utilizes a federated authentication model that delegates authentication to the customer application through cryptographic trust. This mechanism prevents user credentials from ever traversing the Opsani infrastructure and enables customers to leverage existing identity infrastructure via SAML or OpenID Connect.

Encryption in Motion

All data in motion between Opsani clients, customer applications, and across Opsani services is encrypted with TLS 1.2 (or 1.3 where available). Data is transmitted using HTTP/1.1 or HTTP/2 on the standard HTTPS port, 443. Opsani does not utilize any unencrypted data transport channels. All networks are considered potentially hostile, even behind the firewall.

Encryption at Rest

All data is encrypted at rest using 256-bit AES symmetric keys at the block level. Opsani services are hosted in AWS, and persistent volume storage provided by EBS is automatically encrypted at rest. Optimization data is persisted in Google Firebase, which is also encrypted at rest with AES-256.

Account Security

Opsani secures account credentials using industry best practice methods to salt and repeatedly hash passwords before persistence. Users can add an additional layer of security to their account by enabling two-factor authentication (2FA) for the Opsani console. Organizations can mandate that 2FA be enabled for all members, further enhancing security.

Role Based Access Control (RBAC)

The Opsani console enables organizations to configure specific roles for their members, ensuring that only the right level of access is available to each person.

Cloud Infrastructure Security

Security of the Opsani infrastructure and networks is foundational to delivering on the trust our customers have in us. This foundation is maintained by adhering to best in class security practices when provisioning, accessing, and maintaining our cloud infrastructure and networks. These practices include:

Asset Management

All cloud assets have a defined owner, security classification, and purpose. Opsani is a multi-tenant service. Customer data is stored in isolated collections within the cloud data store.

Defense in Depth

The Opsani production environment is hosted in a logically isolated Virtual Private Cloud (VPC) environment. Production and non-production networks are fully segregated. Access to production hosts requires operations personnel to connect via an SSH connection brokered by AWS Systems Manager (SSM).

Principle of Least Privilege

All personnel, services, and processes are granted the minimal set of privileges necessary to fulfill their function. Access to production hosts is gated by a firewall and a cloud load balancer that permit traffic only to port 443 (HTTPS, HTTP/2 & WebSocket). Services are deployed as containers on cloud nodes, which restrict ingress and egress traffic to the minimal set of ports necessary for the service to function.

Trusted Logging & Audits

Access to Opsani production hosts, changes to services, and network configurations are logged to an external environment with access restricted to security team personnel. This external environment provides a trusted environment for auditing and forensic analysis in the event of a breach or security incident.

Secure Architecture

Opsani is designed with security as a first principle. Interactions between customer systems and Opsani occur between a customer-managed servo and the Opsani API. The servo initiates all communication with Opsani through outbound HTTPS connections. All interactions with Opsani are initiated through the servo and as such are under the control of the system administrator managing the servo deployment.

Opsani

Opsani is a cloud service that optimizes applications and services. Opsani ingests measurement data collected by servo deployments and processes it with machine learning models to identify optimal configurations for executing cloud application workloads with a target profile of performance and cost. The output, a recommended configuration, is retrieved by the servo via the Opsani API and applied to the application by the servo.

Servo Connectors

Servo connectors are components bundled with the servo that perform adjustments and take measurements. They connect with systems such as Kubernetes, AWS ECS, AWS EKS, AWS Auto-Scaling Groups (ASGs), New Relic, Prometheus, and more. Connectors interact with the Opsani API and translate data from one system to another. They are developed and distributed as Open Source components in order to facilitate auditing, forking, and derivative works to support specific needs.

Servo

A servo is a standalone software agent running within the customer system that is connected to the customer’s metrics and orchestration systems. The servo is a component fully owned and operated by the customer which isolates access to secrets such as API keys and credentials from visibility to Opsani. This architecture is foundational to Opsani security by limiting the attack surface and eliminating the need to transmit and manage secrets outside of the customer domain. The servo communicates with Opsani over a single outbound HTTPS connection to deliver metrics data and obtain optimized settings.

Although Opsani provides Servo container images for many environments in Docker Hub, the Open Source architecture enables customers to design and develop their own implementations of servo assemblies and connectors to meet their specific needs. Connector development and distribution is documented and supported in the core Opsani documentation.

Opsani is composed of the Opsani service, the Servo agent, and selected Connectors. The Servo runs in the customer environment. Logging is supported through standard container logging or a user-installed logging agent.
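
One way a customer could enforce the servo's outbound-only communication model when the servo runs on Kubernetes, shown as an added example that is not Opsani's own configuration. The namespace names, the `app: servo` label, and the in-cluster Prometheus on port 9090 are assumptions.

```yaml
# Added example. All names are hypothetical: namespace "opsani", label app=servo,
# Prometheus running in namespace "monitoring" on TCP 9090.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: servo-outbound-only
  namespace: opsani
spec:
  podSelector:
    matchLabels:
      app: servo
  policyTypes:
    - Ingress
    - Egress
  # Empty ingress list: nothing may open a connection to the servo pod,
  # matching the model in which the servo initiates all communication.
  ingress: []
  egress:
    # DNS lookups through the cluster resolver.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
    # Outbound HTTPS only. NetworkPolicy cannot match hostnames, so this rule
    # allows any destination on 443; narrow the CIDR if the API's address
    # ranges are known to you.
    - to:
        - ipBlock:
            cidr: 0.0.0.0/0
      ports:
        - protocol: TCP
          port: 443
    # Metrics connector traffic to the assumed in-cluster Prometheus.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: monitoring
      ports:
        - protocol: TCP
          port: 9090
```

The policy takes effect only when the cluster's network plugin enforces NetworkPolicy. Connectors that reach other systems need their own explicit egress rules.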


Secure Data Exchange

The servo exchanges configuration data with the Opsani API to communicate metrics and obtain new configurations to be applied to the application under optimization. Descriptors are exchanged as JSON documents over an HTTPS communication channel. The semantics of these descriptors are determined by the servo and are transmitted in terms of measurement and adjustment documents, which describe metrics collected and configurations to be applied to the application respectively. Servo instances do not require direct access to the application under optimization or supporting APIs and rely upon connectors for all external interactions. Documents describing measurements and adjustment configurations are logged for reference and auditing purposes.


People Security

Opsani has created a vibrant security culture for all employees. The influence of this culture is felt across the hiring process, employee onboarding and ongoing training. Here are some of the processes that Opsani has put in place to bring in the right people and keep them up to date on security practices:

Security Training

All new Opsani employees attend a “Security 101” training during the onboarding process. In addition, all Opsani employees must take the Opsani Security and Privacy training once a year, which covers the Information Security Policies, security best practices, and privacy principles. Depending on the job role, additional training on specific aspects of security may be required. For example, engineers are trained on security related topics such as cryptography, attack patterns, and secure coding practices.

Continuous Education

The Opsani security team provides continuous communication of emerging threats, advises employees of phishing campaigns, and gives presentations on information security regularly to the company.

Risk Management

Maintaining the security and resiliency of Opsani services is the top priority of our security and infrastructure engineering teams. Even a perfectly secure service implementation is still exposed to the realities of life on the Internet. As such, it is important to build on the foundation of secure engineering by proactively assessing, detecting, and mitigating risks to our security and operations. To do so we utilize the following techniques:

Risk Assessment & Mitigation

Opsani maintains detailed risk assessment and mitigation policies that are regularly reviewed and updated.

Log Retention

Opsani retains operational logs for 90 days and security logs for 180 days. Access to the security logs is restricted to security personnel.

Incident Response Program

Opsani maintains a formalized incident response program. The incident response policy defines how security vulnerabilities and incidents are triaged, classified, reported, remediated, and mitigated.

Distributed Denial of Service (DDoS) Defense

Opsani utilizes countermeasures provided by the cloud provider to detect, mitigate, and prevent DDoS attacks.

Vendor Security

From time to time Opsani will utilize third-party vendors to provide design, development, or other services. Maintaining our robust security standards while leveraging external talent requires processes such as:

Vetting

All third-party vendors are assessed by the Opsani security team to ensure that they comply with our stringent security requirements.

Relationship Audits

Once a third-party relationship has been established, Opsani periodically reviews the relationship to ensure ongoing compliance from a security and business continuity perspective.

Physical Security

Although Opsani does not maintain any physical computing resources or data centers, we are committed to securing our facilities.

Datacenter Security

Opsani leverages Amazon Web Services (AWS) and Google Cloud Platform (GCP) for production systems and customer data. AWS and GCP follow industry best practices and comply with an impressive array of security standards.

Office Security

Opsani has a security program that manages visitors and overall office security. All employees, contractors, and visitors are required to check in when coming on-site.

Business Continuity & Disaster Recovery

Opsani maintains policies and programs for ensuring continuity of business and swift recovery in the face of disaster.

Emergency Planning & Testing

The Opsani security policies include formal Business Continuity and Disaster Recovery plans that are regularly reviewed and updated. These policies detail how an emergency is declared, how recovery is performed, and the recovery time objectives. The disaster recovery process is tested bi-annually.

High Availability

Core production Opsani services are deployed in high availability configurations in AWS. Operational databases are provided by the Firebase product of Google Cloud Platform and are deployed in high availability configurations.

Data Backups

All backups are encrypted in motion and at rest. Backups are redundantly stored across multiple availability zones.

Compliance

Opsani is dedicated to ensuring compliance with internal security policies, industry best practices, and all relevant regulatory requirements:

Cloud Infrastructure Provider

Opsani is hosted in Amazon Web Services (AWS) and Google Cloud Platform (GCP) data centers. AWS and GCP are compliant with a wide array of security frameworks and standards including SSAE16, SOC framework, ISO 27001, ISO 27017, ISO 27018, and PCI DSS v3.2.

GDPR

Opsani does not store, process, or otherwise handle personally identifiable data governed by GDPR. Authentication is federated to customer identity providers and user identity is opaque to Opsani.

EU – U.S. Privacy Shield Framework

Opsani is self-certified under Privacy Shield as a part of our commitment to comply with EU data protection requirements when transferring personal data from the European Union to the United States.

Opsani enables businesses of all sizes to leverage machine learning technology to optimize applications and services for performance and cost. Underlying everything we do at Opsani is a foundation of trust in our product, people, and business practices.

For further information about Opsani security policies and procedures please reach out to the Opsani security team via email at security@opsani.com.