At Elysium, our security management is tailored to complement our Software as a Service (SaaS) framework effectively. We utilize the security controls provided by our cloud service provider, AWS, and make certain that our applications and measures align with the security commitments we have made to our customers.
Network
The cornerstone of security at Elysium is based on infrastructure protection. We use our Virtual Private Cloud (VPC) to ensure our networks are logically separated and secure. By setting up and managing security groups, we regulate network access through specific inbound and outbound rules to control and limit access.
Availability
Our products are designed for high availability, catering to a wide range of monitoring and observability requirements for our customers, benefiting from the scalability provided by our cloud service provider AWS. Details on our SLA are available in our Master Services Agreement.
Personnel
At Elysium, protecting our customer data and company resources is paramount, and should be top of mind for all employees. In compliance with legal requirements, we conduct background checks on all prospective employees before they join our team. Furthermore, all staff members receive ongoing training in security and privacy awareness with focus on both technical and non-technical training.
Product
At Elysium, ensuring the security of our products is a top priority. From the earliest stages of our software development lifecycle, we embed security measures within the design of our products. Our development process adheres to DevSecOps methodologies, allowing us to weave security practices throughout the release cycle. This approach enables us to identify and remediate vulnerabilities quickly, offering a significant advantage over longer release cycles. Our change management policies and procedures are meticulously crafted, outlining the precise circumstances and methods for implementing changes. This strategy is fundamental to our DevOps security approach and the development practices that have been pivotal in Elysium’s widespread adoption.
Release Management
Our goal is to apply updates that could affect end users swiftly and within the timeframes promised in our service level agreements for customers. We keep our end users informed and arrange service windows by sending notifications, ensuring minimal disruption and maintaining our commitment to service quality.
Physical
Elysium maintains reasonable steps to ensure that its facilities, information systems, and data are accessed only by authorized personnel or authorized third party visitors to prevent unauthorized access, damage, theft, and interference. All physical security requirements are applicable to both remote and in-office work. Key aspects of physical security include: perimeter and border security, entry controls, visitor management, restricted areas, equipment protection and maintenance, awareness and training, and risk management.