Data Security Policy
Updated July 2013
If you are currently maintaining your data on personal computers or your own servers, the odds are that we offer a better level of security than what you currently have in place.
This document outlines some of the mechanisms and processes we have implemented to help ensure that your data is protected. Our security practices are grouped in four different areas: Physical Security; Network Security; People Processes and Redundancy and Business Continuity.
Our datacenters are hosted in some of the most secure facilities available today in locations that are protected from physical and logical attacks as well as from natural disasters such as earthquakes, fires, floods, etc.
- 24x7x365 Security. The data centers that host your data are guarded seven days a week, 24 hours a day, each and every day of the year.
- Video Monitoring. Each data center is monitored 24x7x365 with night vision cameras.
- Controlled Entrance. Access to the data centers is tightly restricted to a small group of pre-authorised personnel.
- Undisclosed locations. Servers are located inside generic-looking, undisclosed locations that make them less likely to be a target.
Our network security team and infrastructure helps protect your data against the most sophisticated electronic attacks. The following is a subset of our network security practices. These are intentionally stated in a very general way, since even knowing what tactics we use is something hackers crave. If your organisation requires further detail on our network security, please contact us.
- 128/256-bit SSL. The communication between your computer and our servers is encrypted using strong 128-bit keys (256-bit keys in many cases). What this means is that even if the information traveling between your computer and our servers were to be intercepted, it would be nearly impossible for anyone to make any sense out of it.
- IDS/IPS. Our network is gated and screened by highly powerful Intrusion Detection / Intrusion Prevention Systems.
- Control and Audit. All accesses are controlled and also audited.
- Secured OS. Applications run inside a secured operating system engineered for security that minimises vulnerabilities.
- Virus Scanning. Traffic coming into Servers is automatically scanned for harmful viruses using state of the art virus scanning protocols which are updated regularly.
Designing and running data center infrastructure requires not just technology, but a disciplined approach to processes. This includes policies about escalation, management, knowledge sharing, risk, as well as the day to day operations. Our security team has years of experience in designing and operating data centers and continually improves our processes over time. We have developed world class practices for managing security and data protection risk.
- Select Employees. Only employees with the highest clearance have access to our data center data. Employee access is logged and passwords are strictly regulated. We limit access to customer data to only a select few of these employees who need such access to provide support and troubleshooting on our customers’ behalf.
- Audits. Audits are regularly performed and the whole process is reviewed by management.
- As-Needed Basis. Accessing data center information as well as customer data is done on an as-needed only basis, and only when approved by the customer (i.e. as part of a support incident), or by senior security management to provide support and maintenance.
Redundancy and Business Continuity
One of the fundamental philosophies of cloud computing is the acknowledgment and assumption that computer resources will at some point fail. We have designed our systems and infrastructure with that in mind.
- Distributed Grid Architecture. Services run on a distributed grid architecture. That means a server can fail without a noticeable impact on the system or our services. The system has been designed knowing that server may eventually fail – we have implemented our infrastructure to account for that.
- Power Redundancy. We configure our servers for power redundancy – from power supply to power delivery.
- Internet Redundancy. We are connected to the world –and you- through multiple Tier-1 ISPs. So if any one fails or experiences a delay, you can still reliably get to your applications and information.
- Redundant Network Devices. Our servers run on redundant network devices (switches, routers, security gateways) to avoid any single point of failure at any level on the internal network.
- Redundant Cooling and Temperature. Intense computing resources generate a lot of heat, and thus need to be cooled to guarantee a smooth operation. Our servers are backed by N+2 redundant HVAC systems and temperature control systems.
- Fire Prevention. The datacenters are guarded by industry-standard fire prevention and control systems.
- Data Protection & Back-up. User data is backed-up reguarly across multiple servers, helping protect the data in the event of hardware failure or disaster.
While we cannot list all the details of our infrastructure for security reasons, rest assured that our security practices, policies and infrastructure are proven and reliable.
For more information about our Security please contact us.