Cloudian HyperStore Security Features
Cloudian® HyperStore® is an enterprise-grade, software-defined object storage platform built to provide secure, scalable, S3-compliant storage for massive volumes of unstructured data — on-premises or in hybrid clouds. It is available as stand-alone software or as Cloudian HyperStore appliances.
As cyber threats grow more sophisticated and regulatory requirements tighten, HyperStore applies a multi-layered security architecture spanning the hardware layer, identity and access management, encryption, and active ransomware defense — keeping enterprise data available, confidential, and immutable.
This brief covers HyperStore’s security capabilities across six areas:
- Data Protection & Resilience: flexible replication and erasure-coding policies, configurable per bucket
- Cyberstorage: active ransomware defense, including overwrite-encryption protection, S3 Object Lock (WORM), and tamper-proof audit logs
- Secure Multi-Tenancy: granular isolation, QoS controls, and service-level management
- Authentication, Identity & Access Control: IAM, SAML 2.0, AD/LDAP, MFA, and a hardened admin shell
- Comprehensive Encryption: AES-256 at rest (SSE, SSE-C, SSE-KMS, SSE-KMIP) and TLS 1.2/1.3 in flight
- Certifications & Compliance: FIPS 140-3 Level 1 validation and assessed conformance with SEC 17a-4(f), FINRA 4511, CFTC 1.31, and IDW PS 880
Enterprise-Grade Data Protection and Resilience
HyperStore provides robust data protection through highly flexible software-defined policies. By utilizing both replication and Intel Intelligent Storage Acceleration Library (ISA-L) Erasure Coding, HyperStore optimizes storage efficiency without compromising durability.
- Customizable Redundancy: Protection schemes can be configured at the bucket level to meet specific business needs. This allows administrators to balance storage overhead against the required level of fault tolerance.
- Massive Scalability: Whether deployed as hardened appliances or stand-alone software, the architecture ensures that as your data grows, your security and protection policies scale linearly across nodes and geographic locations.
Cyberstorage: Advanced Ransomware Defense
In an era where perimeter defenses are frequently breached, HyperStore provides “Cyberstorage” features that protect data even when administrative credentials have been compromised.
- Overwrite Encryption Protection: A critical defense against modern ransomware. Malicious actors often use stolen S3 credentials to overwrite existing objects with encrypted versions (SSE-C), essentially “locking” the customer out of their own data. HyperStore can block these attempts at the system or bucket level, refusing unauthorized overwrite requests and immediately alerting administrators and bucket owners of the detected attack.
- S3 Object Lock (WORM): HyperStore supports Write Once, Read Many (WORM) technology via S3 Object Lock. This allows objects to be stored in an immutable state, preventing them from being altered or deleted by any user—including the root administrator—until a predefined retention period has expired.
- Tamper-Proof Audit Logging: For forensic analysis and compliance auditing, all WORM-related actions and unauthorized deletion attempts are recorded in dedicated, immutable system logs for permanent record-keeping.
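The overwrite check described under Overwrite Encryption Protection can be sketched from the defender's side as follows. This is an added example, not Cloudian's code or log format: the request records are constructed, the tuple layout and the "same key fingerprint means an authorized rewrite" policy are assumptions, and only the two header names are the standard S3 SSE-C headers.

```python
# Added illustration; record layout and policy are assumptions, not HyperStore's.
SSE_C_ALGO = "x-amz-server-side-encryption-customer-algorithm"
SSE_C_KEY_MD5 = "x-amz-server-side-encryption-customer-key-md5"

# Constructed requests in arrival order: (op, bucket, key, user, headers).
# The key fingerprints are made-up strings standing in for the key-MD5 value.
SAMPLE_REQUESTS = [
    ("PUT", "finance", "q1.csv", "app-a", {}),
    ("PUT", "finance", "q2.csv", "app-a",
     {SSE_C_ALGO: "AES256", SSE_C_KEY_MD5: "fp-owner"}),
    # Same customer key as the stored object: a normal update by the key holder.
    ("PUT", "finance", "q2.csv", "app-a",
     {SSE_C_ALGO: "AES256", SSE_C_KEY_MD5: "fp-owner"}),
    # Mixed-case header names, as a client may legitimately send them.
    ("PUT", "finance", "q1.csv", "app-b",
     {"X-Amz-Server-Side-Encryption-Customer-Algorithm": "AES256",
      "X-Amz-Server-Side-Encryption-Customer-Key-MD5": "fp-unknown"}),
    ("PUT", "finance", "q2.csv", "app-b",
     {SSE_C_ALGO: "AES256", SSE_C_KEY_MD5: "fp-unknown"}),
]


def find_ssec_overwrites(requests):
    """Return (index, bucket, key, user) for each SSE-C PUT that would replace
    an existing object stored without SSE-C or under a different customer key."""
    stored = {}  # (bucket, key) -> key fingerprint, or None for a non-SSE-C object
    alerts = []
    for i, (op, bucket, key, user, headers) in enumerate(requests):
        if op != "PUT":  # only writes are modelled in this sketch
            continue
        h = {name.lower(): value for name, value in headers.items()}
        # SSE-C request with no fingerprint gets "" so it never matches a stored one.
        fp = h.get(SSE_C_KEY_MD5, "") if SSE_C_ALGO in h else None
        obj = (bucket, key)
        if obj in stored and fp is not None and stored[obj] != fp:
            alerts.append((i, bucket, key, user))
            continue  # treated as refused, so the stored object is unchanged
        stored[obj] = fp
    return alerts


if __name__ == "__main__":
    for alert in find_ssec_overwrites(SAMPLE_REQUESTS):
        print("SSE-C overwrite of existing object:", alert)
```
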
High-Scale Secure Multi-Tenancy
HyperStore was engineered from the ground up for multi-tenancy, allowing service providers and large enterprises to isolate groups and users within a single shared infrastructure.
- Granular Isolation: Advanced identity and access management features allow for the strict partitioning of data, ensuring that tenants can only see and access their own resources.
- Service Level Management: Administrators can define specific classes of service for different groups, including configurable billing and charge-back policies to simplify operational accounting.
- Credential Management: To support complex application ecosystems, the system allows multiple S3 credentials per user, facilitating granular application-to-bucket mapping.
- Quality of Service (QoS) Controls: Configurable group and user-level QoS rate limits (covering both bandwidth and storage quotas) ensure that “noisy neighbors” do not impact the performance of other tenants on the system.
Comprehensive Data Encryption
Data-at-Rest
HyperStore ensures that data stored on disk is unreadable to unauthorized parties. It utilizes AES-256 encryption (the current system default) and offers granular management at both the bucket and individual object levels. Supported methods include:
- SSE (Server-Side Encryption): HyperStore automatically generates and manages encryption keys transparently.
- SSE-C (Customer-Provided Keys): The customer manages the keys; HyperStore performs the encryption but does not store the key itself (only a hash for validation). All requests must be submitted via HTTPS to protect the key in transit.
- SSE-KMS (AWS): Integration with the AWS Key Management Service for centralized cloud-based key governance.
- SSE-KMIP: Integration with external KMIP-compliant Key Management Systems (such as Fortanix, Thales, or HashiCorp). HyperStore supports multiple KMS profiles and “Bucket Keys” to significantly reduce network overhead and KMS load.
Data-in-Flight
All communications between clients and the HyperStore cluster are secured via TLS 1.2 and 1.3. HyperStore supports both CA-signed and self-signed certificates and allows administrators to choose from Modern, Intermediate, or FIPS-140-3-compatible cipher profiles.
Data Spill Protection (Secure Delete)
For organizations handling sensitive or classified data, HyperStore provides a “Secure Delete” feature that exceeds the NIST Special Publication 800-88-r1 standards for media sanitization.
When Secure Delete is enabled, the system does not simply remove the file pointers; it overwrites all blocks across all nodes containing the object—writing zeros three times—before the data is removed from the disk. This process is fully auditable via the cloudian-hyperstore-request-info.log.
Authentication, Identity, and Access Control
Identity and Access Management (IAM): HyperStore supports standard AWS-compliant IAM APIs, enabling granular resource-level permissions.
- Data Ownership Model: All S3 data created by IAM users belongs to the parent “root” account, ensuring that if a sub-user is deleted, the enterprise retains control of the data.
- Federated Access and SAML 2.0: HyperStore supports SAML 2.0 for federated identity management, allowing users to assume IAM roles using their existing corporate credentials.
- OIDC Support: To further expand integration with modern identity providers, support for OpenID Connect (OIDC) is on the product roadmap and coming soon.
- AD/LDAP Integration: Integration with external Active Directory or LDAP systems is supported on a per-group basis, allowing different departments or customers to leverage their own authentication servers.
- Multi-Factor Authentication (MFA): Supports TOTP-based MFA (e.g., Google Authenticator) for Management Console logins and “MFA Delete” to prevent the unauthorized removal of versioned objects.
- HyperStore Shell (HSH): To protect the underlying operating system, HyperStore provides a hardened, restrictive shell for administration that eliminates the need for root SSH access, drastically reducing the system’s attack surface.
Security Certifications and Compliance
FIPS 140-3 Level 1 Validation
Cloudian HyperStore utilizes a cryptographic module that is officially FIPS 140-3 Level 1 Validated. This ensures that all encryption, secure transmission, and signature validation methods meet the latest and most stringent U.S. government security requirements for sensitive data.
- NIST FIPS 140-3 Certificate: Certificate #5068
- Security Policy: FIPS 140-3 Security Policy Documentation
Regulatory Compliance
The HyperStore Object Lock feature has been independently assessed by third-party agencies to ensure compliance with the following regulatory standards for immutable storage:
- SEC Rule 17a-4(f)
- FINRA Rule 4511
- CFTC 1.31(c)-(d)
- IDW PS 880 (International auditing standard)
SECURITY FEATURES
Cloudian HyperStore makes it easy to build fully-featured, S3-compliant cloud storage, on-premises.
Cloudian HyperStore combines security functionality, availability, system management control, monitoring capabilities, and reporting.
HyperStore provides a host of security features, including:
- Data protection
- Multi-tenancy
- Data spill protection
- Authentication
- WORM
- IAM access policies
- Encryption
Cloudian’s highly efficient storage and seamless data management let users securely store, protect, and access their data where they want it, when they want it, in both their private and hybrid clouds.
