FLACS-Cloud is designed such that your data is secure and accessible only by you. Gexcon grants access to one or several users in your organization and only those will be able to connect to the service. The actual access control is through the ssh key pair that each user sets up: access to the FLACS-Cloud system is only granted for correct and registered key pairs. All data transfer is through secure connections like ssh.

Below is some additional information regarding Gexcon's partner, EPCC, and their computing systems.

About EPCC

EPCC is one of Europe’s premier supercomputing centres and is based at The University of Edinburgh. Since its inception in 1990, EPCC has gained an enviable reputation for leading-edge capability in all aspects of HPC. The centre provides hosting, provisioning and management of high performance computing and data facilities for both academia and business. With some 80 highly qualified permanent staff, EPCC has an exceptional pool of talent and has leveraged these resources in helping over 700 industrial organisations benefit from HPC over the last 25 years.

Security

EPCC's “Accelerator” service provides industry with access to a wide range of High Performance Computing (HPC) and Data infrastructures. All systems are hosted at Edinburgh’s highly secure Advanced Compute Facility (ACF). The ACF is a world class, purpose built facility with the highest levels of physical and logical security.

All services are hosted, managed and supported by EPCC. System usage is governed through well-designed and well-managed security procedures. These procedures are designed to protect user programs and data and to protect the integrity of the machines. As part of EPCC's contract with the UK Government, the security of their systems is audited by QinetiQ on an annual basis. This is a general penetration test audit and covers the physical security of the system at EPCC's Advanced Computing Facility (ACF), network access to the system and user and group management processes and tools.

The ACF is both ISO9001 certified and a National Accredited Safe Haven, certified by the Scottish Government to hold all NHS Scotland data. CLAS certified consultants provide advice on the security dimensions of the Safe Haven. The Safe Haven undergoes annual penetration testing by a CREST certified practitioner. EPCC is working towards ISO27001 accreditation with an expected completion date of end 2017.

All systems run versions of the Linux operating system which is a Unix variant. Security on the systems is enabled via standard Unix group based security. Users are required to have strong passwords and accounts are automatically disabled after repeated failed login attempts. The system is constantly monitored by EPCC systems staff who have a variety of tools at their disposal to ensure correct behaviour of users and their applications. The machines are securely accessed by all users using the SSH protocol and terminal emulators such as PuTTY or SSHClient. Files are transferred using the secure, SCP and SFTP applications (or similar).

More information is available by request to flacs@gexcon.com.