Security

Secure Hosting

• Multiple levels of security
• 24/7 on site security personnel
• Video monitoring throughout
• Biometric access restrictions
• Logged access
• Engineered to maintain service in the face of extreme weather events, seismic events and floods
• Redundant power and air conditioning including UPS, power conditioning and on site generators
• Latest fire suppression methods including early detection and dry-pipe sprinklers
   

Network Security

• Client connectivity is limited to SSL 3.0/TLS 1.0
• Perimeter firewalls block all unused protocols
• Internal firewall separation between application and database tiers
• Intrusion detection monitoring for suspicious network traffic
• IPSEC VPN used for all administration access
   

Backups

• Data is backed up to disk and to tape with vaulted offsite backups
• Disaster Recovery
• Backups taken off site daily to a secure location for use in act of god type events
   

Internal Process

• Application code changes are documented, checked in and tagged with escrow available
• Software development best practices conform to SCRUM
• Employee access granted on the principle of least privilege
• All administrative access logged