Security & Compliance Deep Dive

Armada maintains a comprehensive security and compliance framework designed to ensure the highest standards of data protection and regulatory adherence across our Commander Connect, Edge, and AI platform offerings. Our security program is built upon industry best practices and enterprise-grade controls to safeguard customer data and maintain operational integrity.

Security Framework Overview

graph TB
    A[Security Framework] --> B[Data Security]
    A --> C[Access Control]
    A --> D[Network Security]
    A --> E[Incident Management]
    A --> F[Compliance]
    
    B --> B1[Encryption]
    B --> B2[Backup Security]
    
    C --> C1[MFA]
    C --> C2[RBAC]
    
    D --> D1[WAF]
    D --> D2[Network Monitoring]
    
    E --> E1[Security Response]
    E --> E2[Global Analysis]
    
    F --> F1[ISO 27001]
    F --> F2[SOC 2]

Data Security

Encryption Standards

Armada implements enterprise-grade encryption protocols across all data touchpoints to ensure comprehensive protection. Our cloud storage infrastructure utilizes AES-256 encryption with Azure's native encryption capabilities, while compute infrastructure incorporates full disk encryption as a standard configuration. All network communications are secured with TLS 1.2 minimum protocols, and backup systems employ zone-redundant configurations with real-time replication capabilities.

Access Control & Identity Management

Multi-Factor Authentication (MFA)

Multi-factor authentication is implemented across all critical systems and code repositories to ensure robust access control. We utilize Windows Entra ID as our primary authentication provider and Azure Entra ID for VPN access control mechanisms. Hardware onboarding procedures are managed by our dedicated Armada hardware team to ensure proper configuration and security implementation.

Role-Based Access Control (RBAC)

Our role-based access control system provides granular permissions management across all platform assets to ensure appropriate access levels. We implement real-time monitoring of user access patterns to detect and respond to anomalous behavior expeditiously. Every platform resource is protected by controlled access mechanisms that adhere to the principle of least privilege.

Single Sign-On (SSO)

We provide out-of-the-box single sign-on support with seamless integration to Microsoft Entra ID, Okta, and Google Cloud Platform IDP solutions. This integration reduces user burden while maintaining centralized identity management benefits and operational efficiency. Organizations can enforce existing security policies through their preferred identity provider infrastructure.

Just-in-Time Access

We implement a strict just-in-time access process that requires explicit customer approval and Armada management authorization for all access requests. Access is granted on a provisional, time-limited basis with automatic permission revocation upon work completion. This approach minimizes security incident opportunities and ensures access is only available when operationally necessary.

Network Security

Web Application Firewalls (WAF)

Our network security architecture employs multiple protection layers with Web Application Firewalls deployed on all application gateways. We implement Intrusion Prevention Systems for all public internet traffic and integrate with Juniper MIST and Cisco Portal solutions for comprehensive device monitoring. This infrastructure provides real-time threat detection and rapid response capabilities.

Network Segmentation

The Galleon network architecture features comprehensive segmentation to isolate traffic and prevent lateral threat movement across network segments. We implement site-to-site VPN tunnels with restricted access controls to facilitate secure communication between network segments. Our vendor integration with Juniper MIST and Cisco Portal solutions provides continuous monitoring and management capabilities across the entire network infrastructure.

Network Monitoring & Logging

We maintain comprehensive network visibility with all Azure firewall logs automatically transmitted to Microsoft Sentinel for centralized analysis. Our automated alerting system ensures security events are immediately brought to our security team's attention for prompt response. This proactive approach enables rapid response to potential incidents before they impact customer operations.

Incident Management

Security Incident Management

Our security incident management is centralized through the Global Analysis Service to ensure consistent handling across our platform infrastructure. We utilize Microsoft Sentinel for device information analysis and Microsoft Defender for Cloud deployment on every Galleon machine. This combination enables continuous analysis and immediate threat detection for expedited incident response.

Availability Incident Management

Our availability incident management features 24/7 monitoring through an on-call rotation system to ensure immediate incident detection and response. We maintain robust alerting and triage procedures to facilitate rapid response and resolution of operational issues. Clear and timely customer communication protocols provide regular updates on incident status and expected resolution timelines.

Security Best Practices

Our security-first approach ensures security considerations are integrated from initial design through continuous monitoring and regular assessments. We maintain comprehensive incident response procedures and continuous compliance monitoring protocols. This framework provides customers with enterprise-grade security capabilities including data sovereignty, physical security, and network isolation for edge deployment scenarios.

• Compliance Ready: ISO 27001 and SOC 2 certified platform
• Continuous Protection: 24/7 security monitoring and response

---

This security and compliance framework ensures that Armada Edge Platform provides enterprise-grade security while maintaining the flexibility and performance required for edge computing environments.