Memset passes penetration test in readiness for G-Cloud
11 Apr 2012Award-winning British cloud provider, Memset®, today announced that their Miniserver VM™ (cloud compute) and Memstore™ (cloud storage) services passed penetration tests and IT Health Checks carried out by Encription who are CREST & Tiger certified.
Memset have already been awarded a Framework Agreement for the provision of G-Cloud services and are supplying services to government at Impact Level 0 (IL-0) from their public cloud, for example, DECC's heatmap.
The hosting company has been putting their cloud products through rigorous tests in pursuit of assurance by CESG at up to IL-2.
Penetration Testing is a technique used by Security Professionals to identify security vulnerabilities and misconfigurations that could be used to exploit an organisation's Information Assets.
Encription, who carried out Memset’s test, found there were no vulnerabilities or warnings of any kind, confirming that Memset's systems' security. The tests included attempts to launch attacks on virtual machines (VMs) sharing the same host server and the failure to cause any impairment to the performance of security of the attacked VMs demonstrates the integrity of Memset's Xen-based hypervisor layer.
Memset's cloud services are built on open source tools combined with a strong in-house development team. “We achieve user segregation via a mixture of dedicated VLANs, Xen hypervisor with a number of enhancements to guarantee performance for Miniserver VM and OpenStack with further in-house additions for Memstore. We passionately believe that open source software is actually more secure,” said Kate Craig-Wood, MD of Memset.
"Memset is committed to ensuring security remains a top priority, delivering the highest level of protection and control together with an exceptional user experience for enterprise and government alike,” concluded Craig-Wood.