UNIQCloud Security
Security principles, tools & operational assurance for UNIQCloud — UNICC's private cloud platform built on a foundation of 8 security domains, aligned with CSA CCM 4.0.10, ISO 27001, NIST, and PCI-DSS.
Security Domains
Hosting, Openness & Residency
Open-source stack, UN data centers, vendor neutrality
Access Control & Personnel Security
Zero Trust, strict onboarding, role segregation
Network & Infrastructure
Dedicated infra, firewalls, DDoS/WAF, tenant segregation
Secure by Design & Defense in Depth
CSA CCM 4.0.10, defense in depth, secure by default
Monitoring, Detection & Response
24/7 ops, SIEM, CSOC, automation
OS & Data Protection
Hardened images, encryption, backup
Governance, Audit & Compliance
Pen tests, audits, ISO, SOC2 compliance
Patch Management & Remediation
Continuous updates, rapid fixes, SLA targets
Core Security Tools
The following tools operate across UNIQCloud's core infrastructure and network:
| Tool | Purpose |
|---|---|
| Tenable Security Center | Vulnerability management |
| Crowdstrike Falcon | Endpoint & container EDR |
| Splunk | SIEM, log analysis, forensic analysis |
| Checkpoint Maestro / Firepower | Firewall, IDS, egress monitoring |
| CloudFlare | Edge, DDoS, WAF |
| CyberArk | Privileged access management |
| FreeRadius & RedHat IDM | Identity & access management |
| Kali Linux | Penetration testing |
Compliance Framework
UNIQCloud security is based on CSA CCM 4.0.10 (Cloud Security Alliance Cloud Controls Matrix), covering 197 controls across 17 domains. The framework is mapped to:
- ISO 27001 — Information security management
- NIST — Cybersecurity framework
- PCI-DSS — Payment card industry standards
- SOC 2 — Service organization controls
- CIS Benchmarks — System hardening baselines