
Security & Compliance
Shared responsibility model

INFRASTRUCTURE AS A SERVICE (IaaS)

PLATFORM AS A SERVICE (PaaS)

SOFTWARE AS A SERVICE (SaaS)



Platform Security measures
Plenit’s identity framework combines two-factor authentication and granular access controls to protect users and resources. By enforcing strong authentication, role-based permissions, and comprehensive audit logging, the platform reduces unauthorized access risks while providing full visibility, accountability, and traceability across all user activities.

Plenit’s perimeter security combines firewalls, IDS/IPS technologies, and Anti-DDoS protection to create a multilayer defense against external threats. These controls continuously filter unauthorized traffic, identify suspicious behavior and attack patterns, and automatically mitigate denial-of-service attacks, helping preserve service availability, platform integrity, and overall security.

Plenit uses encryption mechanisms to enhance data protection and minimize exposure to unauthorized access. These controls help maintain confidentiality during transmission and, depending on the service, also while data is stored.

Plenit operates a 24/7 monitoring and alerting system that continuously supervises the infrastructure and its subsystems. By analyzing real-time metrics and detecting anomalies early, the platform can anticipate issues and act before they affect operations.

All relevant events are logged and stored to ensure the traceability of actions and changes. This simplifies audits, forensic analysis, and compliance with security policies.


Cloud products Security
Remote Desktop
Remote Desktop is designed to deliver a secure, reliable environment for remote work, combining:
- Dedicated Perimeter Protection. Traffic is monitored and filtered through firewalls, IDS/IPS, and Anti-DDoS systems.
- Multiserver Architecture & High Availability. Remote Desktop runs on a multiserver setup that maintains service continuity, allowing sessions to fail over automatically to available hosts.
- Encrypted Communications. All data uses SSL encryption to ensure confidentiality, prevent interception or tampering, and protect remote sessions against unauthorized access attempts.
- Application Isolation with RemoteApp. RemoteApp publishes applications in isolated environments to minimize exposure.
- Two-factor authentication remote access.
- Backups & Recovery. Scheduled backups include: hourly (last 5 hours), daily (last 14 days at 00:10), and weekly (last 8 weeks, Sundays at 00:15). VSS snapshots allow backups while files are in use, with two daily snapshots on C:\ and 7% storage reserved.

Servers
Servers are designed to provide a secure, flexible environment for critical workloads, combining network isolation, high availability, and robust recovery capabilities:
- Dedicated Virtual Firewall with Geo-IP. Each network includes a dedicated virtual firewall with customizable rules, IP filtering, and Geo-IP restrictions based on traffic origin.
- VPN & Private Networks. Secure connectivity is enabled through IPSec Site-to-Site VPNs and remote access. Private networks fully isolate traffic between environments.
- Load Balancing. Built-in load balancing distributes traffic across multiple virtual servers, improving performance and ensuring service continuity.
- N+1 Cluster Architecture. Physical servers run on an N+1 cluster, providing additional capacity to absorb failures and maintain uptime.
- Backups & Recovery. Servers use NetApp disk snapshots: hourly (last 5 hours), daily (last 14 days at 00:10), and weekly (last 8 weeks, Sundays at 00:15).

File Storage
File Storage is designed to deliver a secure, flexible, and efficient solution for managing information, combining encryption, granular access control, and built-in backup capabilities.
- Data Encryption. Data at rest and in transit is protected with encryption, strengthening confidentiality and reducing exposure to unauthorized access.
- User & Group Permissions. Access can be assigned at user and group level, ensuring each person can only reach the information they are authorized to use.
- Secure External Sharing. Documents can be securely shared with third parties through the web, with optional password protection and expiration dates.
- Backups & Recovery. The service uses NetApp disk snapshots: hourly (last 5 hours), daily (last 14 days at 00:10), and weekly (last 8 weeks, Sundays at 00:15).

Object Storage
Object Storage, built on the S3 protocol, provides a secure, scalable, and reliable solution for managing large volumes of data:
- Data Encryption. Objects are encrypted in transit and at rest, protecting confidentiality and reducing exposure to unauthorized access.
- High Availability & Distributed Storage. A distributed architecture increases service availability and safeguards data against local failures or disruptions.
- Triple Replication. Each object is stored on three separate disks across three servers, with at least one replica kept in a different data center by default.
- File Versioning. Versioning can be enabled at subscription level, allowing recovery of previous object versions.
- Granular Permissions. Access control can be applied at object or bucket level, ensuring precise management of who can read, modify, or administer stored data.








