WorldPosta standard security
measures & infrastructure protection

WorldPosta’s cloud services are used by many clients all over the world, all their stored data is highly secured at our cloud servers network. We are currently using many cloud vendors to assure the highest availability for the service; Amazon Web Services network (AWS), Google Cloud Platform, and we also maintain our own datacenters.

Please note that our security practices are not explained in details in this document, as knowing the tactics may lead to a hacking attempts.

Security mechanisms and processes

we implement many strategies to ensure that your organization’s data is protected. We are securing our systems and the connection between availability points for AWS and Google Cloud Servers by securing all the layers attached; physical security, network security, and data protection.

WorldPosta Servers Physical Security

Our own datacenters are hosted in secured facilities in several locations all over the world, these location are protected from physical failures and other disasters and hazards (fire, floods, earthquakes, etc.)

24/7 physical security measures:
  • The location is video monitored 24/7.
  • Our data centers are protected and guarded around the clock to secure the location.
  • Entrance is restricted to the authorized personnel only.
  • Undisclosed locations: our servers are located in undisclosed locations.
  • Security systems and fire alarms.
  • Back-up servers’ locations are hosted separately.
  • Cooling and temperature control systems.

Network Security

WorldPosta Service uses many availability points from Amazon AWS and Google Cloud Platform, to improve the content delivery and availability for all our users all over the world. We’ve considered all the attacks that could harm networks, and our dedicated team of security specialists are using a set of practices to defend the infrastructure from being hacked.

WorldPosta Network security measures:
  • Secure Communication basic techniques

a) Encrypted data transmission to WorldPosta datacenters using TLS 1.2 protocols.

b) For OWA and browser users, we use certificates issued by SHA 256 (Secure Hash Algorithm).

c) AES_CBC/AES_GCM 256 bit/128 bit keys for encryption.

d) SHA2 for messages authentication.

e) ECDHE_RSA: the key exchange mechanism.

  • Multiple network devices

we use redundant network devices such as (routers, switches and gateways) to avoid any failure at any level on the internal network. Controlled access for IT personnel.

  • IDS/IPS

Intrusion Detection System to monitor all the events occurring in WorldPosta Networks. We analyze all the data to prevent any possible threats and to help us with the periodical updates for our security policies.

Virus scanning and malware detecting: all traffic that come into WorldPosta servers and networks are scanned to prevent any infection. We use many virus detection techniques, plus our Zero-Day attack protection system to protect our systems (and yours) from the unrecognized viruses and threats.

Business Continuity Measures

WorldPosta service uses cloud computing to provide all their clients all over the world with the highest level of performance needed for business. We designed our service to be up and working with 99.9% SLA.

  • Grid Computing Architecture

WorldPosta services run on a distributed grid of servers that contain many super virtual computers, to ensure that the service is working if one of servers fails.

  • Internet connection stability

we use multiple Internet connection between WorldPosta Datacenters, Amazon AWS and Google Cloud Platform, to make sure that all of our clients have a reliable service and access to their important information.

  • Power outages back-ups solutions

our datacenters and service helpdesks are using serval power backups

  • Fire Hazards Prevention

Our datacenters are protected by industry-standard fire prevention and security systems.

  • Data Geo-Mirroring

To make sure that our Customers’ data is safe, we use mirroring techniques. We store data at separate geographic locations for disaster recovery and business continuity purposes.

Data Access Security

  • SSL connection

access to WorldPosta service and your stored data is protected, even if you’re logging from public Wi-Fi. Logical isolation for each client.

  • Email archiving protocols

in transit: SSL, and at rest: AES-256. Link scanning to detect any possible malware or ransomware. Remote-wipe all of your business data from any lost or stolen mobile devices.

  • Passwords Complex Policies

you can set the complexity level and enforce it to all user under your account.

  • 256-bit Advanced Encryption Standard (AES-256)

Automatic encryption for all clients’ data.

Compliance with Other Cloud Vendors

Amazon AWS: An Overview of Security Processes – AWS Compliances
  • Certifications

ISO 27001, FedRAMP, DoD CSM, and PCI DSS

  • Standards

The HIPAA, CESG (UK), and Singapore Multi-tier CloudSecurity (MTCS) standards

  • AWS legal data protection

AWS is fully compliant with applicable EU data protection. (For full information, check AWS Services in Scope page https://aws.amazon.com/compliance/services-in-scope/)

The shared security responsibility model

AWS Cloud Environment operates under a shared security responsibility mode, where AWS is responsible for the security of the underlying cloud infrastructure, and WorldPosta is responsible for securing workloads we deploy to maintain the cloud mail service.

WorldPosta security team implements further security measures while deploying our clients operations. We always update and enhance our layers of security according to the unique needs of our clients.

AWS’s approach to security

WorldPosta Business Mail Service uses Amazon Web Services (AWS), it delivers a scalable cloud computing platform, designed for high availability and dependability, with tools to protect the confidentiality, integrity, and availability of your business’ data.

Security of the AWS Infrastructure

This resilient infrastructure, designed for high security. Built and managed with the unique needs of the cloud in mind. AWS uses redundant and layered controls, continuous validation and testing, and a substantial amount of automation to ensure that the underlying infrastructure is monitored and protected 24×7.

WorldPosta benefits from AWS’s data center and network architecture, which built to satisfy the requirements of security-sensitive business.

Network Security

AWS provides security-specific tools and features for network security to increase privacy and control network access:

  • Built-in firewalls

ability to create private networks within AWS.

  • Encryption in transit

TLS across all services.

Private and dedicated connectivity options.

DDoS protection technologies

Google Cloud Platform: Security Overview.

Google Cloud Services Compliances
  • Certifications

ISO 27001 for shared common infrastructure, SSAE16 / ISAE 3402 Type II: SOC 1, SOC, SOC 3 public audit report, ISO 27018 Cloud Privacy, FedRAMP ATO for Google App Engine, and PCI DSS v3.2.

  • Standards

TheHIPAA, CSA STAR, MTCS Tier 3 Certification (Singapore).

  • Google Cloud Platform legal data protection

AWS is fully compliant with applicable EU Data Protection Directive, protected by the “My Number Act” (Japan), FISC (Japan), Sarbanes-Oxley Act (SOX). (For full information, check Google Cloud Platform Compliance Page https://cloud.google.com/security/compliance)

Google Cloud Platform shared security responsibility

Google Cloud Platform environment operates under a shared security responsibility model, WorldPosta and Google are responsible for implementing security measures needed

Google Cloud Platform is responsible for the security of the underlying cloud infrastructure, and WorldPosta is responsible for securing workloads we deploy to maintain the cloud mail service.

WorldPosta security team implements further security measures while deploying our clients operations. We always update and enhance our layers of security according to the unique needs of our clients.

Google Cloud Platforms approach to security

Google has a strong security culture, Google Cloud Services are designed to deliver better security than many traditional on-premises solutions.

Security of the Google Cloud Platform Infrastructure

Google designs and builds its own datacenters, also use multiple physical security layers to protect data from any expected attack.

Google also secure its hardware, and the hardware disposal process, plus protecting the premises with around-the-clock-security techniques.

WorldPosta benefits from Google Cloud Platform data center and its network architecture, which built to satisfy the requirements of security-sensitive business.

Google Cloud Platform Security Measures

Google Cloud Platform provides security-specific tools and features for network security to increase privacy and control network access

  • Built-in firewalls
  • 24/7 monitoring for any suspicious activity on Google’s networks.
  • TLS encryption in transit across all services.
  • DDoS protection technologies.
  • Malware prevention.
  • Google’s datacenters uses redundant power systems.