Professional Documents
Culture Documents
ICQ IT - Old American - 2020
ICQ IT - Old American - 2020
MGA:
Source:
Hardware
1. List all production hardware such as servers, storage devices, switches and firewalls.
*region: it is a specific geographical location where you can host your resources.
*zone: it is a deployment area within a region.
2. List all redundant/disaster recovery hardware such as servers, storage devices, switches and firewalls.
2020 Page 1 of 7
MGA Internal Control Questionnaire – IT
MGA:
Functions Function is located in a specific functions/sla
*region and is managed by Google
to be redundantly available across
all *zones within that region.
Cloud All data is redundant across >= 99.95% https://cloud.google.com/
Storage multiple regions and multiple zones storage/sla
within a *region (check Standard storage class
in a multi-region or dual-
region covered service)
Secret Each secret is replicated >= 99.95% https://cloud.google.com/
Manager automatically in a different region. secret-manager/sla
*region: it is a specific geographical location where you can host your resources.
*zone: it is a deployment area within a region.
1. Provide a network diagram showing network entry points, firewalls, servers etc.
● Socotra
● Sigo Admin App
● Go E Merchant
● Verisk
● Hubspot
● JustCall
● CustomerIO
● HelloSign
● VinAudit
2020 Page 2 of 7
MGA Internal Control Questionnaire – IT
MGA:
● LOB
● Google Analytics
● Mixpanel
MV to share diagram
4. List ISP’s & telecom - production & redundant lines and throughput size.
Sigo is fully cloud-based and the redundant network services are managed by Google Cloud.
Sigo’s VOIP phone tool is JustCall.io
5. Describe the current server / hosting environment. Is it hosted in-house, via a third party, etc.? Describe
the use of any cloud-based resources such as Amazon Web Services or Microsoft Windows Azure.
Sigo uses Google Cloud Platform. Google Cloud resources in use are the following:
- GKE - Google Kubernetes Engine
- Secret Manager
- Cloud Functions
- Cloud Storage
- Cloud SQL (MySQL and PostgreSQL)
- Cloud MemoryStore
6. Describe any redundancies built into the hosting platform and hardware.
The following table explains the redundancy/replication that Google Cloud provides:
Cloud Service Description
Cloud SQL They count with High Availability configuration
enabled. That protects from common failures by
replicating data, and by providing an automatic
failover to a replica.
Kubernetes A Kubernetes cluster is hosted across multiple
cluster zones. If one zone experiences failure, the other
ones will be available. This ensures the
continuity of the application hosted in the
Kubernetes cluster.
Redis It counts with High Availability configuration
2020 Page 3 of 7
MGA Internal Control Questionnaire – IT
MGA:
enabled. That protects from common failures by
replicating data to several replicas, and by
providing an automatic failover to a replica.
2. Provide copies of any backup policies, and details regarding how long they have been in place.
2020 Page 4 of 7
MGA Internal Control Questionnaire – IT
MGA:
. Sigo is fully cloud-based. The following table shows the Monthly Uptime Percentage per service used:
Cloud Service Monthly Uptime Percentage
Cloud SQL >= 99.95%
Kubernetes >= 99.95%
cluster
Redis >= 99.9%
Cloud Functions >= 99.95%
Cloud Storage >= 99.95%
Security
Yes – the following list shows the application that implements two-factor-authentication.
- CloudFlare
- OpenVPN
- Google Cloud Platform
3. Does the firewall contain Intrusion Prevention System and Intrusion Detection Systems?
Currently, we have an Intrusion Detection System implemented. This job is done by the Wazuh
platform.
4. How are you monitoring systems for unusual behavior, abnormal traffic, malicious coding and
anything that would look like an intrusion by a hacker being attempted?
- Security Analysis
- Intrusion Detection
- Log Data Analysis
- File Integrity Monitoring
- Vulnerability Detection
2020 Page 5 of 7
MGA Internal Control Questionnaire – IT
MGA:
- Configuration Assessment
- Incident Response
- Cloud Security
5. Encryption – do you encrypt data at rest, data in transit, emails, servers, desktops, laptops or
smartphones?
Sigo uses Google G Suite as email service provider. All emails sent are encrypted in transit.
Laptops and smartphones are protected with the device’s own login tools
OpenVPN
6. Is email protected by mail security – Encryption? Phishing, Spam, Threat Detection from
Advanced Persistent Threats, including botnets, malware, viruses and others?
Sigo uses Google G Suite as email service provider. G Suite provides the following protection measures:
- Encrypted emails.
- Prevents phishing attacks.
- Advanced phishing and malware protection.
- Use TLS certificate for secure transport.
- Ciphers for TLS connections.
2020 Page 6 of 7
MGA Internal Control Questionnaire – IT
MGA:
2020 Page 7 of 7