Orcanos Cloud Security,
Backup And DR Center

Orcanos Cloud is a powerful cloud solution designed to provide the highest level of security for our customers.
Orcanos Cloud covers all security areas, including physical, operational, network, system, application, access, and data to ensure that your data always remains secure and private. We use best practices for security and the best built-in tools of Amazon Cloud (AWS).

Security Certification

ISO27001 certification logo

Orcanos is ISO 27001 certified.
This certification demonstrates to our customers that Orcanos Ltd.
meets this high security standard and our processes are designed
to ensure that all information assets are safe and secure.
Download Certificate

Physical and Operational Security

Orcanos Cloud uses Amazon's AWS infrastructure, which is considered the gold standard for cloud applications and data security. The infrastructure is physically secure within Amazon data centers that adhere to the highest standards.

For more details, visit the AWS Compliance page, and the AWS Cloud Security page.

Network Security

  • Dedicated firewalls on all publicly facing servers.
  • AWS ACL + Windows firewall – only required channels are open
  • AWS Firewall  + Windows firewall. HTTPS 443 access only to Frontends. Backend server is closed for any remote connection except a custom RDP port and double authentication
  • Connecting from remote only for authorized personnel
  • Centralized user and groups management and policies
  • Connecting from remote only for allowed IP’s
  • Encrypted data transfer via HTTPS (256-bit SSL certificate)
  • Secure, private sub-net provides a secure connection to transfer data between data centers
  • Secured Access Service Edge (SASE) using common 3rd party layer

Application Security

  • Vulnerability scans of all systems ensured for compliance by Commonly used Antivirus
  • All system access via Secure Socket Layer (SSL)
  • Role Based Access Control (RBAC)
  • Password Policy Control; Set Password expiry time, enforce strong user passwords and more
  • Disable user feature- immediately lock down
  • IP Restriction option: Limit users to specific range of IP addresses
  • Support SAML, and other SSO

Data Security And Data Isolation

  • All customer data stored securely and kept confidential per the Terms of Service
  • In Orcanos’ single-tenant environments, customer data resides in a unique, separate database and separate file system.
  • Use of encrypted and secured Database as a Service

Internal R&D Procedures

  • Our R&D machines are all protected with a commercial up-to-date Antivirus software
  • All files uploaded to the cloud by a secured connection
  • All files uploaded to the cloud and to the upgrade server are automatically scanned by Antivirus before uploading
  • Orcanos Company is behind a firewall
  • Passwords are changed periodically

Data Access

Only a select group of Orcanos’ employees have access to our production environments and only after undergoing thorough background checks.

We provide on going training for our employees regarding how to maintain customer confidentiality and how to handle sensitive data.

Each admin group has its own individual credentials

OS Patching

Orcanos is patching the servers on a monthly basis. Orcanos is making sure the official MS updates are installed on both Frontends and Backbends.

Orcanos Backup Center (RPO)

AWS RDS – SQL databases
Daily and Weekly
RDS Snapshot
IIS Application – Files
Daily and Weekly
FSx Snapshot

Retention: Daily backups are kept for 5 weeks and Weekly backups are kept for 12 weeks.

Disaster Recovery (RTO)

Action Items
Recovery Time
Database corruption (accidental or malicious )
Restore from RDS snapshot
60 – 90 minutes
IIS corruption  (accidental or malicious)
Recover from Snapshot
Up to 6 hours
Virtual Machine EC2 instance corruption
Recover from Snapshot
Up to 24 hours
Complete AWS region failure (Highly not likely)
Install new IIS servers + recover from the latest backup set and re-configure the servers
Up to 48 hours