Security

Sure International can help protect your servers and networks from devastating DDoS attacks with a solution that not only recognises malicious data but blocks it whilst at the same time, letting legitimate data through and keeping your business running throughout an attack.

Key features +

  • Security solutions are designed specifically for your business to protect you from a range of online threats
  • In a DDoS attack, malicious or suspicious traffic is blocked but legitimate traffic is allowed through so you continue trading and don’t need to close down the affected server

Overview +

DDoS attacks are criminally motivated traffic attacks, in which networks of infected 'zombie' PCs are instructed to send traffic to your website. The problem websites face when being attacked by thousands of machines is an inability to cope with the flood of traffic. This flood overloads firewalls and upstream links, taking the site offline.

Having your website unavailable during a DDoS attack is likely to cause you significant financial loss. There have been numerous infamous examples of international retailers, financial institutions and governments suffering losses from DDoS attacks.

Our DDoS protection service uses a sophisticated multi-verification process to filter out all but legitimate traffic to your website, enabling your business to continue operating as normal even under a sustained attack.

As an extra layer of protection, our 24/7 monitoring service identifies and deals with potential threats before your business suffers from a malicious attack.

Sure’s DDoS protection service keeps your website and customers protected from targeted attacks.

Layers of protection +

On-net, we’ve deployed Arbor DDoS attack protection capable of mitigating DDoS events of up to 2 x 10Gb. The Arbor system secures the high bandwidth gateways at the network’s edge and keeps malicious data far from the core and our clients’ systems.

Above this, we’ve deployed an integrated high capacity cloud-based solution powered and managed 24/7 by Adversor. Our DDoS security solutions are capable of mitigating attacks of up to 100Gb/s, so customers stay online even when their systems are under heavy attack.

This powerful DDoS mitigation system significantly increases the likelihood of neutralising malicious attacks before they affect your operations.

Our security platform can detect and mitigate

  • Varied DDoS attacks
  • Fragmentation attacks including IP/UDP, IP/ICMP, IP/TCP
  • HTTP attacks - connection flood,(client attack) HTTP errors (404 etc)
  • Half connections
  • BGP attacks
  • DNS attacks
  • Signature based anomalies
  • Netflow loss
  • SNMP loss
  • BGP loss
  • Physical link failure
  • Client specific alerts

ISO 27001 - The Information Security Standard +

Information security is of paramount importance and our clients know that they are getting the best in security management because Sure is a certified ISO/IEC 27001:2013 company. This means that we are able to demonstrate an ability to efficiently handle confidential customer data through robustly managed processes.

We strongly believe that if you trust your data to a third party, ISO27001 is the minimum benchmark you should settle for.     

It is very difficult for a company to assess a service provider's approach to security, so ISO27001 is the international standard designed to give clients peace of mind. When you work with an accredited ISO 27001, you know that your provider has security imbedded into its processes, its people and its culture.

Importantly, ISO 27001 is far broader in scope than just the IT function. It is a certification that assesses the entire business and its supporting back-office processes to ensure the highest standards of data security are maintained.

Throughout Sure, our commitment to information security is very strong and we ensure that our working practices remain at the forefront of global best practice in security. 

Some additional information and links about ISO 27001

PCI DSS +

Sure has been accredited as a PCI DSS Level One Service Provider. This means that we deliver offshore hosting and managed services from a PCI DSS-compliant environment. 

What is PCI DSS?

PCI DSS (Payment Card Industry Data Security Standard) are internationally recognised requirements for enhancing the security of payment card data. Supported by providers such as MasterCard, Visa and American Express, these measures are designed to protect card data when used online and to establish best practice for merchants and service providers.  

PCI DSS is a prescriptive standard that includes requirements for

  • Security management
  • Policies
  • Procedures
  • Network architecture
  • Software design
  • Other critical protective measures

What PCI DSS level is Sure?

Sure has been accredited as a Level One Service Provider, which is the most thorough level of accreditation for data centres. This means that all elements of our security controls are satisfactory to meet the needs of customers requiring PCI-compliant hosting. To maintain our Level One certification, we must undergo an annual audit to ensure that best practice is being followed throughout the company.

What does this mean for customers?

Businesses that store or process cardholder data need to be PCI DSS-compliant. The fines and charges applied by credit card companies in instances of non-compliance can be severe, not to mention the reputational damage caused by breaches in data security.

The audit process covers all aspects of the business, from network infrastructure to employee screening. Hosting your equipment within a datacentre that is already compliant will answer many of the infrastructure-based requirements of your PCI audit, leaving you free to concentrate on other matters.

Customers who operate in our data centre can be sure of physical access security and technical infrastructure delivered at a PCI-compliant level. However, depending on the scope of your project and the level of your involvement with cardholder data, our accreditation may not answer all of your requirements. Please check with your independent QSA.

Downloads +

  • pdf

    Data Centre Solutions brochure

  • PDF

    DDOS Protection Factsheet

  • pdf

    PCI DSS V3.2 Service Provider Responsibilities

  • pdf

    Certificate of Compliance - Foreshore Limited

  • pdf

    Attestation of PCI Compliance - Foreshore PCI DSS

  • pdf

    Certificate of Compliance - Sure (Jersey) Limited

  • pdf

    Attestation of PCI Compliance Sure (Jersey) Limited PCI DSS

  • pdf

    Certificate of Compliance - Sure (Guernsey) Limited

  • pdf

    Attestation of PCI Compliance - Sure (Guernsey) Limited PCI DSS