Overview

Myrmex provides a multi-region, independent environment designed to meet the highest security and compliance standards. Each region operates autonomously, with no data sharing between them, ensuring complete segregation of information. This feature brings significant benefits, especially when meeting government regulations or compliance requirements specific to certain countries or sectors.

Data Isolation by Customer

In addition to separation by region, Myrmex ensures that each customer’s data is isolated in dedicated tenants. This approach ensures that customer information is stored exclusively in the appropriate scope, preventing unauthorized access and strengthening protection against data leaks.

Zero Trust Model for Secure Communication

The Myrmex Security Platform implements a security model based on the Zero Trust paradigm, ensuring that each device continuously proves its legitimacy. To protect communication and device registration, Myrmex Endpoint Security uses cutting-edge technologies, including:
  • Asymmetric encryption (RSA 4096 bits): For authentication and initial key exchange
  • Symmetric encryption (AES-256-GCM): To ensure the confidentiality and integrity of transmitted data
  • Secure transport (TLS 1.3): To protect against interception and man-in-the-middle attacks
These layers of protection ensure that only authorized devices can communicate with the platform confidentially and securely.

Shared Responsibility

Responsibility for data security at Myrmex is shared between the platform and its customers.

Myrmex Responsibilities

  • Providing a secure, isolated and reliable infrastructure for data management
  • Ensuring that vulnerabilities are identified and addressed in accordance with strict internal policies

Customer Responsibilities

  • Managing access, ensuring that only authorized users and devices are allowed to operate in the environment
  • Maintain secure credentials and implement robust authentication controls
  • Continuously monitor your operations to identify and mitigate potential vulnerabilities

Data Security Implementation

Access Control

Implement proper access control using role-based authentication: 
{
  "roles": {
    "admin": {
      "permissions": ["read", "write", "delete"],
      "resources": ["all"]
    },
    "analyst": {
      "permissions": ["read"],
      "resources": ["logs", "metrics"]
    }
  }
}

Data Encryption

Always encrypt sensitive data both in transit and at rest: 
from myrmex.security import DataEncryption

# Encrypt data at rest
encryption = DataEncryption()
encrypted_data = encryption.encrypt_data(sensitive_data, 
    encryption_key=YOUR_KEY,
    algorithm="AES-256-GCM"
)

Data Management

Backup Configuration

Configure automated backups with proper retention policies: 
backup_policy:
  frequency: "daily"
  retention_period: "30-days"
  encryption: true
  locations:
    - primary: "us-east-1"
    - secondary: "us-west-2"

Data Lifecycle

Implement data lifecycle management: 
from myrmex.data import LifecycleManager

lifecycle = LifecycleManager()
policy = lifecycle.create_policy(
    hot_storage_days=30,
    warm_storage_days=60,
    cold_storage_days=365,
    auto_delete_after_days=730
)

Best Practices

  1. Always encrypt sensitive data
  2. Implement proper access controls
  3. Regular backup and testing
  4. Monitor data access patterns
  5. Implement data lifecycle policies
  6. Follow the shared responsibility model
  7. Utilize multi-region capabilities when needed
  8. Implement Zero Trust security principles
Make sure to comply with relevant data protection regulations (GDPR, LGPD, etc.) when implementing these practices.
Security is a shared responsibility. Both Myrmex and customers must fulfill their respective roles to maintain a secure environment.