What is happening?
We are planning to extend our file storage capabilities to include the Amazon Web Service’s (AWS) Simple Storage Service (S3). AWS host their own FAQ page for their S3 service.
Why is Huddle doing this?
The benefits of cloud Infrastructure-as-a-Service have been steadily growing over the last decade. Amazon’s vastly scalable storage offerings are particularly beneficial to Huddle and our customers as utilising Amazon services allows us to continue to scale predictably whilst upholding industry leading security standards.
Where will my content be stored?
The existing Huddle global platform will continue to be hosted with Rackspace in the UK. This project will allow file content to additionally be stored in the AWS UK (London) Region to ensure continued UK data residency.
When is this happening?
The new storage capability is currently scheduled to be operational from mid-October 2017, when we will begin migrating content stored in Huddle into the new file storage platform.
What are the Security considerations?
All file content migrated to the AWS S3 storage infrastructure will be encrypted in transit, and will by default be encrypted at rest with strict object permission and access control policies in place.
What are the Compliance the considerations?
Every AWS Region is designed and built to meet rigorous compliance standards including ISO 27001, ISO 9001, ISO 27017, ISO 27018, SOC 1, SOC 2, SOC 3, PCI DSS Level 1, and many more. The AWS Cloud Compliance page includes information about these standards, along with those that are specific to the UK, including Cyber Essentials Plus. The SOC3 report can be downloaded here.
What are the High Availability (HA) and Disaster Recovery (DR) considerations?
The AWS UK, London Region is made up of multiple data centres termed Availability Zones (AZs). In a DR scenario where connectivity to a data centre is lost the service continues unaffected supported by other AZs. High availability is achieved as AWS redundantly stores files on multiple devices designed to sustain concurrent device failures by quickly detecting and repairing any lost redundancy.
Can customer security personnel carry out a site visit at AWS London?
No. As AWS’s data centers host multiple customers, AWS does not allow customer visits, as this exposes a wide range of customers to physical access of a third party. But they certainly understand the need, and in order to provide customers with peace of mind, independent assessment and validation is conducted on effectiveness of controls. AWS Compliance Reports from these assessments are made available to customers via AWS Artifact so customer can evaluate the security and compliance of the AWS managed environment. The AWS Compliance Reports identify the scope of AWS services and regions assessed, as well the assessor’s attestation of compliance. A vendor or supplier evaluation can be performed by leveraging these reports and certifications.
How will users be affected?
Whether a user's Huddle files are stored in Rackspace or in AWS S3, their experience should be comparable. There is no action that users need to take.
If you have any further questions or comments, please do get in touch with your Customer Success Manager directly, or e-mail firstname.lastname@example.org.