The Datica promise brought to a
If you're working within a regulated industry like healthcare, you have almost zero options when it comes to using Kubernetes — either you manage the control plane, the operating system and the underlying infrastructure to maintain the flexibility required for compliance, or you risk falling out of compliance by using an existing managed service. Datica changes all of that.
Complete Kubernetes compliance
CKS is a compliant managed Kubernetes service for regulated industries. In addition to managing the cluster control plane, CKS configures the underlying operating system and instances, and installs, configures, and manages a set of deployments required to achieve compliance.
The most secure Kubernetes cluster available
Deployments include logging, monitoring, intrusion detection, antivirus software, and more. In addition to the technical configuration, Datica assumes the liability for the complete stack within our BAA, something not available or possible with any other managed Kubernetes offering. CKS functions like any other Kubernetes cluster—but one that comes pre-configured for compliance and security out of the box.
With the underlying infrastructure, operating system, and control plane locked down, CKS delivers an experience that feels like a standard Kubernetes cluster, but one that gets you HIPAA, HITRUST CSF, GxP, GDPR and more, with no additional configuration or work on your end.
CoreOS is a container-only linux distribution. Datica installs, maintains and patches CoreOS as the central operating system for all CKS clusters.
CRI-O is the first and only container-runtime specifically designed for Kubernetes and can run containers built by Docker, as well as any other OCI compliant image builder.
CKS is configured with flannel and
nginx-ingress for encrypting network traffic. These tools provide a mature, secure solution to networking with a healthy community of supporters.
Logging is a central component of managing compliance in the cloud. Datica deploys an Elasticsearch, FluentD and Kibana (EFK) stack with all clusters.
CKS ships with a Prometheus instance to handle cluster monitoring, specifically CoreOS’s prometheus-operator, with a Grafana dashboard for visualizing activity.
Vulnerability scanning is performed centrally by Datica on all CKS clusters using Nessus. In addition to Nessus, Falco also plays a major role ensuring vulnerabilities are managed.
Like vulnerability scanning, Falco also plays a critical role in intrusion detection — Falco provides an easy way to build rules and output alerts immediately.
CKS will automatically backup all volumes contained in a cluster. These backups are encrypted and cross region replicated.
Security & Compliance Services
Datica is the industry leader for compliance on the cloud. We provide our CKS customers a suite of professional services that ensure their success on the cloud.
Cloud Native Security Consulting
Datica provides services to maximize your success with using Kubernetes in your cloud account, including specific training on the security and compliance implications of Kubernetes, containers, and microservices.
Cloud Compliance Onramp
We work closely with CKS customers to help them adapt their security and compliance policies to the cloud and CKS, as well help them make informed decisions about the non-CKS cloud services they want to leverage for their cloud workloads.
Cloud Compliance Training
Configuring, deploying, and managing cloud workloads requires new thinking, and new training and education. Datica offers cloud training services tailored to your organization and users, be they operators, compliance officers, or software developers.
Datica's shared responsibility model
With Datica’s Cloud Compliance Management System, we ensure both the cluster and the underlying infrastructure on your cloud account are secure and compliant to the highest standards across an ever-growing list of frameworks and regimes.
We were dying to use the cloud but were really stuck: We knew we wanted to use Amazon Web Services (AWS) but there were all these things we couldn’t do to make that work, like HIPAA compliant DevOps, HITRUST, and infrastructure security. Datica puts us in the situation where we can get back to our core competency because they handle everything we need to be able to use AWS.
Corporate Director, Innovation and Knowledge Analytics
Methodist Le Bonheur Healthcare
A shared vision for the future of healthcare
We are seeking to build confidence with many stakeholders. When I mention Datica, I get nods of recognition and no more questions asked about infrastructure.
They met our goals, and, along the way, we discovered that Datica shared our view about the next generation of healthcare integration.
Datica quickly became the only option for us.
Schedule a conversation to learn more about Datica Compliant Kubernetes Service.
The Datica team is helping us solve critical infrastructure and scaling problems faster and more competently than we can in-house.