Secure hosting
Government-grade security for your Drupal applications
Relied on by Australian Government and Higher Education clients, Skpr employs best-practice security protocols at every level.
AWS Australian data centres
Data sovereignty comes as standard.
We use secure AWS Australian data centres (ap-southeast-2 region) in Sydney. These centres follow strict, multi-layered physical security controls that go beyond the ISM requirements for UNCLASSIFIED (DLM) data storage.
Backed by world-class AWS security certifications ISO27001 and IRAP, our platform and customers benefit from the highest national and international security standards.
Government security compliance
Skpr is designed to comply with the Australian Government ISM controls and the Australian Cyber Security Centre (ACSC) Strategies to Mitigate Cyber Security Incidents, including the Essential Eight Maturity Model.
Transparent security practices
Security and privacy are built into everything we do.
That's why we maintain a robust System Security Plan developed in collaboration with our clients. We also maintain a Cyber Incident Response Plan and a Security Risk Management Plan, all part of our publicly available Docs library.
Secure. At every layer of the stack
Layer 1:Edge
- Firewall
- A Web Application Firewall (WAF) protects apps and APIs against bots and exploits that consume resources, skew metrics, or cause downtime.
- Certificates
- Certificates are managed using AWS Certificate Manager.
Layer 2:API
- Role-Based Access Control
- All access is managed centrally using AWS IAM for Role Based Access Control.
Layer 3:Compute
- Vulnerability Management
- AWS Inspector provides continuous, automated security vulnerability assessments for infrastructure and applications.
- Intrusion Detection
- Falco highlights unusual activity, alerting you to potential security threats and flagging compliance violations, helping to provide thorough runtime security.
- Read Only Filesystem
- All applications are deployed with read only filesystems to ensure that packaged application code cannot be modified by a malicious actor.
- Asset Scanning
- ClamAV is an operating system agnostic, open-source, anti-virus that enables applications to scan file uploads for malicious content.
- Managed Services
- AWS Managed Services are leveraged at many layers of the stack e.g. CDN, Database, Filesystem etc. These services either automatically patch and/or manage their own patching/update workflows during a maintenance window.
Layer 4:Account
- Threat Detection
- GuardDuty provides a threat detection service. It’s continuously monitoring and checking AWS accounts and workloads for external threats.
Layer 5:Process
- Frequently Patched
- All infrastructure and application runtimes are frequently patched to ensure your applications are as secure as possible.
- Fresh Base Images
- Base container images are rebuilt nightly with the latest features and security patches included.
- Documentation
- Skpr maintains a publicly available, up-to-date set of documentation that outlines our product and procedures.
Questions about our security practices?
Talk to our team about your requirements
We'll be in touch within 24 hours