Security, Backups & DR/BC
CloudyCluster follows industry security best practices as part of its automatic deployment.
- The control node deploys a VPC and all computational and storage resources are created within the VPC.
- The login instance performs the role of bastion host.
- All permissions follow the least necessary privileges philosophy by assigning only the needed permissions to the IAM roles required by the instances to perform their functions.
- There are additional security features that can be enabled to meet various security requirements including:
- encrypted Block volumes for OrangeFS are enabled by default
- Multi-Factor Authentication
- Lets-Encrypt for SSL Certificates, updated every 90 Days.
These features can all be enabled through the web user interface.
Backups and Disaster Recovery
- It is recommended that you backup data that is not easily reproducible to object storage.
- If you automate the automatic deployment and deletion of your environment with Automaton, make sure your critical data is saved outside the environment before you delete it.
- If you need real time BC or DR capabilities, you can run multiple CloudyCluster environments in different regions.