SaaS Security for the Confirmit CustomerSat Software

Size: px
Start display at page:

Download "SaaS Security for the Confirmit CustomerSat Software"

Transcription

1 SaaS Security for the Confirmit CustomerSat Software July 2015 Arnt Feruglio Chief Operating Officer

2 The Confirmit CustomerSat Software Designed for The Web. From its inception in 1997, the architecture and code of the CustomerSat product has been designed to operate online. We started offering Software as a Service long before the SaaS term was ever invented. Continue to Make Significant Ongoing Investments to ensure it remains modern. This allows us to take advantage of new technologies and thereby boost security, performance, reliability, and scalability. Industry Leading Resiliency. The robust CustomerSat code running on our scalable high-availability infrastructure combined with a 3-tier 24/7 proactive monitoring system provides our SaaS clients with the highest levels of security, performance and availability in the industry. 2

3 Security in User Administration Granular Access Control: Confirmit CustomerSat offers detailed data access control of accounts, surveys, and even specific question responses. Fine Grained Account Permissions: User abilities to use, view, and change their accounts can be controlled at extremely detailed levels including general account access, functionality changes, access to reporting, ability to deploy surveys, etc. Multiple Levels of Login Controls and Protection: SSL is enforced for all application access by Confirmit employees. HTTPS/SSL is enforced for all user logins and for the duration of the session. Complex passwords with minimum lengths are enforced Accounts are automatically locked by the system after 3 consecutive failed attempts. Stored passwords are protected by a salted one-way SHA1 hash. 3 Session Expiration: Confirmit CustomerSat automatically closes sessions of SaaS users after a period of inactivity, after which users must reauthenticate to continue.

4 Security of Data Protected In Use : The database servers that store client data are not Internet facing and are protected by 2 tiers of diverse, high-availability firewalls. The data can only be accessed programmatically through the Confirmit CustomerSat application engine. Protected At Rest : For application data residing outside of the RackSpace facilities, Confirmit CustomerSat implements AES-128 encryption through SQL Server Enterprise TDE (Transparent Data Encryption) and Microsoft BitLocker. Protected In Motion : Confirmit CustomerSat supports for file imports and exports: PGP encryption prior to transport Delivery via SFTP download and can be combined with additional PGP file encryption Delivery via HTTPS Confirmit can configure its mail server to enforce TLS for connections to target corporate servers if required, ensuring s are delivered over an encrypted connection. 4 Protected Access: Secured Remote Server Access is only available to our system administrators from a specific internal IP range within Confirmit s corporate network and through a secure hardware VPN tunnel. If outside the corporate network, 2-factor authentication is required to establish a secure VPN tunnel.

5 Additional Security Features High Assurance : Survey Taking and Portal Administration using EV (Extended Validation) SSL certificates, providing additional safety visibility and confidence to visitors. Secure Survey Taking: Survey setting allows easy configuration of SSL sessions at a per survey level. Internally, all of our employees with access to client data work on laptops encrypted with Microsoft BitLocker Whole Disk Encryption (AES-256) 5

6 Confirmit SaaS Environment Uptime and Statistics For our largest clients, we ve held up to 5 Million completed responses growing at ½ Million per month We are trusted with Terabytes of client data and growing Industry leading 100% uptime for 2 consecutive years. * as monitored by a third party Quarterly uptime statistics are publicly available at: 6

7 Hosting with Rackspace 7 Environment hosted with world-leading managed hosting provider Rackspace. We are a significant client of Rackspace, with high management visibility. We have been with Rackspace since 2004 and our current agreement extends to Q2 of Rackspace: A recognized world-leading provider of web hosting services (see The data center we occupy is: o SSAE 16 Type II SOC 1 (formerly SAS 70 Type II) examined. o ISO certified. Microsoft Gold Certified partner / Microsoft Hosting Provider of the Year. See (US) and (UK). We use Rackspace's Intensive Hosting, (i.e. not co-location or the standard/reactive Managed hosting ). This means: Highest available SLAs Dedicated service delivery team with SLM and technical specialists dedicated to our account Aggressive hardware replacement guarantees.

8 CustomerSat: Not a Cloud-Based Service Confirmit CustomerSat offers Software as a Service (SaaS) that is available worldwide, over the Internet, and accessible through web browsers. This doesn t make CustomerSat a cloud-based service. Why?: Cloud providers often use a hosting solution where their infrastructure is provided by the cloud provider as either Infrastructure as a Service (IaaS) or Platform as a Service (PaaS), such as Amazon s EC2 or Microsoft Azure. With such providers, the underlying infrastructure is usually shared between the provider s many customers. Data is also comingled between customers across systems or datacenters and there is usually no dedicated security infrastructure to provide additional security for the data hosted on these services. Confirmit delivers SaaS using: Although Rackspace also offers cloud services, Confirmit does not utilize any of these service for its SaaS offering. The Confirmit SaaS service is accessed in the same way as any cloud service, but the main differences are: Servers dedicated to Confirmit A known datacenter Dedicated Confirmit Firewalls A known location A traditional server platform Managed by Rackspace We know exactly where your data is located The servers hosting the data do not host or process any data for other Rackspace customers (even the VMware hypervisors are dedicated to running our virtual infrastructure) Database servers are separated from virtual infrastructure and run on dedicated hardware We have a dedicated, redundant network security infrastructure protecting our equipment 8

9 Network Architecture High Level Overview Segregated Network Tiers Separate manufacturers for Front and Back-end Firewalls Fully Redundant, Load balanced web servers Clustered database servers N+1 design for redundant pools Multi-homed fiber channel network 9

10 SaaS Hosting Environment Security State-of-the-art physical building security at Rackspace: On-site security personnel monitor the data center buildings 24/7. Live CCTV surveillance of the entire data center building is monitored 24/7. Biometric hand scanners are used to restrict access to the Rackspace data center. Multiple levels of security are employed to ensure that only Data Center Operations Engineers are physically allowed near the hosted routers, switches, and servers. All critical systems in the DC are N+1 redundant to provide uninterrupted availability, e.g. Power Distribution Units, UPS systems, NIC teams, cluster failovers, SAN fiber connections, redundant switches, load balancers and firewalls. Weekly tests are conducted on all HVAC, UPS, fire suppression, and generator systems. Standardized hardware and software supplied by industry leading vendors is used for all parts of the delivery chain. Clustered database servers with SAN storage (EMC arrays) for high availability. All network infrastructure devices are configured in high availability mode, providing a fault-tolerant network for 100% guaranteed network uptime from the hosting provider. F5 powered load balancing with offloaded SSL acceleration is utilized to ensure highest availability and performance. Threat Manager / Intrusion Detection Systems provided by Alert Logic, and monitored 24/7. Daily backups. Weekly full back-ups encrypted (AES 256) and sent for off-site storage for 12 months with Iron Mountain. Complete SaaS environment documentation available under NDA. 10

11 Data Privacy 11 The US data center (Rackspace, Inc) and our US entities (Confirmit, Inc and CustomerSat.com, Inc) are Safe Harbor Certified, https://safeharbor.export.gov/list.aspx. Thorough back-to-back data flow framework in place to address regulatory requirements relating to all parties involved on our end. See diagram on the right. We will be happy to talk through this with your data privacy specialists. Information security is a key element of our operational procedures. Our Information Security Policy is based on the ISO framework. After thorough security reviews, a number of global banks, insurance companies and enterprises have selected Confirmit as their provider of data collection and reporting services.

12 Disaster Recovery Plan Because we believe in leaving nothing to chance To ensure continued delivery of Confirmit CustomerSat services in the unlikely event of a disaster at the primary facility, we have developed and maintain: A fully tested DRP (Disaster Recovery Plan) A DRS (Disaster Recover Site) located ~2000 miles from our primary site RTO (Recovery Time Objective) of 24 hours from DRP initiation RPO (Recovery Point Objective) of 24 hours from disaster DRP successfully tested Sep 2013 and updated April 2014 *The DRP is updated/tested as needed, commensurate with changes to the primary hosting environment. 12

13 Security Testing / Ethical Hacking Confirmit contracts independent third party security specialists to run application testing of the Confirmit Professional software. The tests are conducted annually. Application testing: We grant a user a valid password and User ID to the Software, and see if they can hack the system, i.e. gain illegitimate access to data, compromise the Software, etc. Relevant findings are reviewed, remediation is performed and a follow-up retest is carried out. Transparency: A report is made available to clients upon request. We remediate all Critical, High and Medium risk findings and assess any low risk items. Retest results from the test completed by Emagined Security, October 2014: 13

14 Three tier proactive 24/7 monitoring 1. Confirmit monitors the hosting environment and the Confirmit application 24/7 through a proprietary NOC monitoring system. The system polls, with high frequency, critical application statistics, health checks, and availability tests. and SMS pages are triggered automatically if irregularities are detected or thresholds exceeded. 2. Rackspace monitors the SaaS 24/7 by means of 3 applications: Microsoft (SCOM), SiteScope and a proprietary application called RackWatch. The 24x7 Rackspace staff notify Confirmit engineers of severe issues persisting for more than 15 minutes. Webmetrics Rackspace Confirmit Neustar Webmetrics performs external 3 rd Party monitoring of availability and response times: Polling is performed from over 100 locations worldwide.

15 Thank You Arnt Feruglio COO July 2015

SaaS Security for Confirmit Horizons

SaaS Security for Confirmit Horizons SaaS Security for Confirmit Horizons January 2015 Confirmit Horizons v18.5 Arnt Feruglio Chief Operating Officer The Confirmit Horizons Software From its inception in 1997, the architecture and code of

More information

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Secure, Scalable and Reliable Cloud Analytics from FusionOps White Paper Secure, Scalable and Reliable Cloud Analytics from FusionOps A FusionOps White Paper FusionOps 265 Santa Ana Court Sunnyvale, CA 94085 www.fusionops.com World-class security... 4 Physical Security...

More information

Enterprise level security, the Huddle way.

Enterprise level security, the Huddle way. Enterprise level security, the Huddle way. Security whitepaper TABLE OF CONTENTS 5 Huddle s promise Hosting environment Network infrastructure Multiple levels of security Physical security System & network

More information

Enterprise Architecture Review Checklist

Enterprise Architecture Review Checklist Enterprise Architecture Review Checklist Software as a Service (SaaS) Solutions Overview This document serves as Informatica s Enterprise Architecture (EA) Review checklist for Cloud vendors that wish

More information

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM Las Vegas Datacenter Overview Product Overview and Data Sheet Product Data Sheet Maintaining a Software as a Service (SaaS) environment with market leading availability and security is something that Active

More information

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient,

More information

Retention & Destruction

Retention & Destruction Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of

More information

Our Cloud Offers You a Brighter Future

Our Cloud Offers You a Brighter Future Our Cloud Offers You a Brighter Future Qube Global Software Cloud Services are used by many diverse organisations including financial institutions, international service providers, property companies,

More information

White Paper How Noah Mobile uses Microsoft Azure Core Services

White Paper How Noah Mobile uses Microsoft Azure Core Services NoahMobile Documentation White Paper How Noah Mobile uses Microsoft Azure Core Services The Noah Mobile Cloud service is built for the Microsoft Azure platform. The solutions that are part of the Noah

More information

Credit Unions and The Cloud. By: Chris Sachse

Credit Unions and The Cloud. By: Chris Sachse Credit Unions and The Cloud By: Chris Sachse Agenda! Introduction.! Definition of the cloud.! Discuss cloud popularity.! Look at the use of the cloud.! Discuss cloud management.! Discuss cloud security.!

More information

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for

More information

SNAP WEBHOST SECURITY POLICY

SNAP WEBHOST SECURITY POLICY SNAP WEBHOST SECURITY POLICY Should you require any technical support for the Snap survey software or any assistance with software licenses, training and Snap research services please contact us at one

More information

System Security. Your data security is always our top priority

System Security. Your data security is always our top priority Your data security is always our top priority Data security is an important factor for every client, our continued investment in the latest technology methods and world class data centres show our commitment

More information

Security & Infra-Structure Overview

Security & Infra-Structure Overview Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions... 4

More information

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public] IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System

More information

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 As organizations unlock the true potential of meeting over the web as an alternative to costly and timeconsuming travel,

More information

Birst Security and Reliability

Birst Security and Reliability Birst Security and Reliability Birst is Dedicated to Safeguarding Your Information 2 Birst is Dedicated to Safeguarding Your Information To protect the privacy of its customers and the safety of their

More information

Cloud Services Overview

Cloud Services Overview Cloud Services Overview John Hankins Global Offering Executive Ricoh Production Print Solutions May 23, 2012 Cloud Services Agenda Definitions Types of Clouds The Role of Virtualization Cloud Architecture

More information

NET ACCESS VOICE PRIVATE CLOUD

NET ACCESS VOICE PRIVATE CLOUD Page 0 2015 SOLUTION BRIEF NET ACCESS VOICE PRIVATE CLOUD A Cloud and Connectivity Solution for Hosted Voice Applications NET ACCESS LLC 9 Wing Drive Cedar Knolls, NJ 07927 www.nac.net Page 1 Table of

More information

ProjectManager.com Security White Paper

ProjectManager.com Security White Paper ProjectManager.com Security White Paper Standards & Practices www.projectmanager.com Introduction ProjectManager.com (PM) developed its Security Framework to continue to provide a level of security for

More information

Blue Jeans Network Security Features

Blue Jeans Network Security Features Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users

More information

Table of Contents. Page 1 of 6 (Last updated 30 July 2015)

Table of Contents. Page 1 of 6 (Last updated 30 July 2015) Table of Contents What is Connect?... 2 Physical Access Controls... 2 User Access Controls... 3 Systems Architecture... 4 Application Development... 5 Business Continuity Management... 5 Other Operational

More information

Cherwell Software Hosted Environment. www.creekpointe.com info@creekpointe.com 864.297.4959 +1 800.613.1426

Cherwell Software Hosted Environment. www.creekpointe.com info@creekpointe.com 864.297.4959 +1 800.613.1426 Cherwell Software Hosted Environment Cherwell Software, LLC ( Cherwell ) provides an efficient, expedient, and secure hosted environment so that customers are guaranteed exceptional performance and reliability.

More information

SITECATALYST SECURITY

SITECATALYST SECURITY SITECATALYST SECURITY Ensuring the Security of Client Data June 6, 2008 Version 2.0 CHAPTER 1 1 Omniture Security The availability, integrity and confidentiality of client data is of paramount importance

More information

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL ARCHITECTURE & APPLICATION CONTROL A technical overview of BoldChat s security. INTRODUCTION LogMeIn offers consistently reliable service to its BoldChat customers and is vigilant in efforts to provide

More information

CloudDesk - Security in the Cloud INFORMATION

CloudDesk - Security in the Cloud INFORMATION CloudDesk - Security in the Cloud INFORMATION INFORMATION CloudDesk SECURITY IN THE CLOUD 3 GOVERNANCE AND INFORMATION SECURITY 3 DATA CENTRES 3 DATA RESILIENCE 3 DATA BACKUP 4 ELECTRONIC ACCESS TO SERVICES

More information

BMC s Security Strategy for ITSM in the SaaS Environment

BMC s Security Strategy for ITSM in the SaaS Environment BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...

More information

Cloud Security: An Independent Assessent

Cloud Security: An Independent Assessent Cloud Security: An Independent Assessent A Quantix White Paper Dec 2010 Call us on: 0115 983 6200 Visit us on-line at: www.quantix-uk.com E-mail us at : enquiries@quantix-uk.com Why are people concerned

More information

Perceptive Software Platform Services

Perceptive Software Platform Services Perceptive Software Platform Services CLOUD SOLUTIONS process and content management Perceptive Software Platform Services Perceptive Software process and content management systems have been deployed

More information

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1 JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us

More information

Securing the Service Desk in the Cloud

Securing the Service Desk in the Cloud TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,

More information

Managed IT Secure Infrastructure Flexible Offerings Peace of Mind

Managed IT Secure Infrastructure Flexible Offerings Peace of Mind Managed IT Secure Infrastructure Flexible Offerings Peace of Mind Your Place or Ours Why Trust Your Network to SymQuest? SymQuest is an industry leader with a national reputation for service excellence

More information

We employ third party monitoring services to continually audit our systems to measure performance and identify potential bottlenecks.

We employ third party monitoring services to continually audit our systems to measure performance and identify potential bottlenecks. Cloud computing, often referred to as simply the cloud, is the delivery of on-demand computing resources over the internet through a global network of state-of-the-art data centers. Cloud based applications

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

Autodesk PLM 360 Security Whitepaper

Autodesk PLM 360 Security Whitepaper Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure

More information

Woodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview

Woodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview Houghton Mifflin Harcourt - Riverside (HMH - Riverside) is pleased to offer online scoring and reporting for Woodcock-Johnson IV (WJ IV) and Woodcock-Muñoz Language Survey Revised Normative Update (WMLS-R

More information

Cloud Courses Description

Cloud Courses Description Cloud Courses Description Cloud 101: Fundamental Cloud Computing and Architecture Cloud Computing Concepts and Models. Fundamental Cloud Architecture. Virtualization Basics. Cloud platforms: IaaS, PaaS,

More information

StratusLIVE for Fundraisers Cloud Operations

StratusLIVE for Fundraisers Cloud Operations 6465 College Park Square Virginia Beach, VA 23464 757-273-8219 (main) 757-962-6989 (fax) stratuslive.com Contents Security Services... 3 Rackspace Multi Layered Approach to Security... 3 Network... 3 Rackspace

More information

Cloud Courses Description

Cloud Courses Description Courses Description 101: Fundamental Computing and Architecture Computing Concepts and Models. Data center architecture. Fundamental Architecture. Virtualization Basics. platforms: IaaS, PaaS, SaaS. deployment

More information

DiamondStream Data Security Policy Summary

DiamondStream Data Security Policy Summary DiamondStream Data Security Policy Summary Overview This document describes DiamondStream s standard security policy for accessing and interacting with proprietary and third-party client data. This covers

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions Page 1 Instsanda FAQs v1.2 Instanda FAQs Contents Hosting, Security, Monitoring and Management... 3 Where is Instanda hosted?... 3 What is the hosting datacentre compliance?...

More information

Online Business Continuity Solutions for Small Businesses Comparison Report: A Sampling of Online Business Continuity, Disaster Recovery, and Backup

Online Business Continuity Solutions for Small Businesses Comparison Report: A Sampling of Online Business Continuity, Disaster Recovery, and Backup Online Business Continuity Solutions for Small Businesses Comparison Report: A Sampling of Online Business Continuity, Disaster Recovery, and Backup Solutions Designed for the Small Business Community

More information

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Overview Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Blackboard Collaborate web conferencing is available in a hosted environment and this document

More information

TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4

TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6. TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4 TENDER NOTICE No. UGVCL/SP/III/608/GPRS Modem Page 1 of 6 TECHNICAL SPECIFICATION OF GPRS based MODEM PART 4 Cloud services (Data Centre) and related Functional requirement Cloud services as a Control

More information

Security & Infrastructure White Paper

Security & Infrastructure White Paper Proofing and approval made easy. Security & Infrastructure White Paper ProofHQ (Approvr Limited) 66 The High Street Northwood Middlesex HA6 1BL United Kingdom Email: contact.us@proofhq.com US: +1 214 519

More information

Hosted SharePoint: Questions every provider should answer

Hosted SharePoint: Questions every provider should answer Hosted SharePoint: Questions every provider should answer Deciding to host your SharePoint environment in the Cloud is a game-changer for your company. The potential savings surrounding your time and money

More information

Time to Value: Successful Cloud Software Implementation

Time to Value: Successful Cloud Software Implementation Time to Value: Successful Cloud Software Implementation Cloud & Data Security 2015 Client Conference About the Presenter Scott Schimberg, CPA, CMA Partner, Consulting, Armanino Scott became a Certified

More information

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS?

InsightCloud. www.insightcloud.com. Hosted Desktop Service. What is InsightCloud? What is SaaS? What are the benefits of SaaS? What is InsightCloud? InsightCloud is a web portal enabling Insight customers to purchase and provision a wide range of Cloud services in a straightforward and convenient manner. What is SaaS? Software

More information

Secure Data Hosting. Your data is our top priority.

Secure Data Hosting. Your data is our top priority. Secure Data Hosting Your data is our top priority. ESO s world-class security infrastructure is designed to provide data redundancy, security and availability while keeping sensitive HIPAA and PHI information

More information

Ensuring Enterprise Data Security with Secure Mobile File Sharing.

Ensuring Enterprise Data Security with Secure Mobile File Sharing. A c c e l l i o n S e c u r i t y O v e r v i e w Ensuring Enterprise Data Security with Secure Mobile File Sharing. Accellion, Inc. Tel +1 650 485-4300 1804 Embarcadero Road Fax +1 650 485-4308 Suite

More information

With Eversync s cloud data tiering, the customer can tier data protection as follows:

With Eversync s cloud data tiering, the customer can tier data protection as follows: APPLICATION NOTE: CLOUD DATA TIERING Eversync has developed a hybrid model for cloud-based data protection in which all of the elements of data protection are tiered between an on-premise appliance (software

More information

White Paper. Software as a Service by Yardi. Secure, seamless hosting and support

White Paper. Software as a Service by Yardi. Secure, seamless hosting and support White Paper Software as a Service by Yardi Secure, seamless hosting and support Yardi, the Yardi logo, and the names of Yardi products and services are either registered trademarks or trademarks of Yardi

More information

Company Overview & Product Information

Company Overview & Product Information Quick Facts: 1100 Clients Globally Operate 4 Data Centers 22 Points of Presence CDN About Network Redux Network Redux is an Enterprise Managed Solutions Provider. We develop, deploy and manage critical

More information

Cloud Vendor Evaluation

Cloud Vendor Evaluation Cloud Vendor Evaluation Checklist Life Sciences in the Cloud Cloud Vendor Evaluation Checklist What to evaluate when choosing a cloud vendor in Life Sciences Cloud computing is radically changing business

More information

KeyLock Solutions Security and Privacy Protection Practices

KeyLock Solutions Security and Privacy Protection Practices KeyLock Solutions Overview KeyLock Solutions hosts its infrastructure at Heroku. Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout

More information

Projectplace: A Secure Project Collaboration Solution

Projectplace: A Secure Project Collaboration Solution Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the

More information

Five keys to a more secure data environment

Five keys to a more secure data environment Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational

More information

Security Overview Enterprise-Class Secure Mobile File Sharing

Security Overview Enterprise-Class Secure Mobile File Sharing Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud

More information

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 Table of Contents 1. Operational Security 2. Physical Security 3. Network

More information

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD PROTECTING YOUR VOICE SYSTEM IN THE CLOUD Every enterprise deserves to know what its vendors are doing to protect the data and systems entrusted to them. Leading IVR vendors in the cloud, like Angel, consider

More information

THE BLUENOSE SECURITY FRAMEWORK

THE BLUENOSE SECURITY FRAMEWORK THE BLUENOSE SECURITY FRAMEWORK Bluenose Analytics, Inc. All rights reserved TABLE OF CONTENTS Bluenose Analytics, Inc. Security Whitepaper ISO 27001/27002 / 1 The Four Pillars of Our Security Program

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

Hosted Exchange. Security Overview. Learn More: Call us at 877.634.2728. www.megapath.com

Hosted Exchange. Security Overview. Learn More: Call us at 877.634.2728. www.megapath.com Security Overview Learn More: Call us at 877.634.2728. www.megapath.com Secure and Reliable Hosted Exchange Our Hosted Exchange service is delivered across an advanced network infrastructure, built on

More information

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the

More information

Druva Phoenix: Enterprise-Class. Data Security & Privacy in the Cloud

Druva Phoenix: Enterprise-Class. Data Security & Privacy in the Cloud Druva Phoenix: Enterprise-Class Data Security & Privacy in the Cloud Advanced, multi-layer security to provide the highest level of protection for today's enterprise. Table of Contents Overview...3 Cloud

More information

WHITE PAPER. How to choose and implement your cloud strategy

WHITE PAPER. How to choose and implement your cloud strategy WHITE PAPER How to choose and implement your cloud strategy INTRODUCTION Cloud computing has the potential to tip strategic advantage away from large established enterprises toward SMBs or startup companies.

More information

NCR CLOUD SERVICES OVERVIEW. An NCR Brochure

NCR CLOUD SERVICES OVERVIEW. An NCR Brochure NCR CLOUD SERVICES OVERVIEW An NCR Brochure Are you looking for a partner to provide unparalleled security, uptime and performance for your core applications? You have chosen to host your applications

More information

Level I - Public. Technical Portfolio. Revised: July 2015

Level I - Public. Technical Portfolio. Revised: July 2015 Level I - Public Technical Portfolio Revised: July 2015 Table of Contents 1. INTRODUCTION 3 1.1 About Imaginatik 3 1.2 Taking Information Security Seriously 3 2. DATA CENTER SECURITY 3 2.1 Data Center

More information

Request for Information (RFI) for Managed Hosting Service

Request for Information (RFI) for Managed Hosting Service FOOD AND AGRICULTURE ORGANIZATION OF THE UNITED NATIONS ORGANISATION DES NATIONS UNIES POUR L ALIMENTATION ET L AGRICULTURE ORGANIZACION DE LAS NACIONES UNIDAS PARA LA AGRICULTURA Y LA ALIMENTACION Viale

More information

City of Coral Gables

City of Coral Gables City of Coral Gables Information Technology Department IT TECHNICAL SUPPORT DIVISION Infrastructure Upgrade Plan Systems, Applications, Network, and Telecommunications Infrastructure OVERVIEW Last revision:

More information

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99% Security overview Collaborate on your projects in a secure environment Thousands of businesses, including Fortune 500 corporations, trust Wrike for managing their projects through collaboration in the

More information

GoodData Corporation Security White Paper

GoodData Corporation Security White Paper GoodData Corporation Security White Paper May 2016 Executive Overview The GoodData Analytics Distribution Platform is designed to help Enterprises and Independent Software Vendors (ISVs) securely share

More information

Cloud models and compliance requirements which is right for you?

Cloud models and compliance requirements which is right for you? Cloud models and compliance requirements which is right for you? Bill Franklin, Director, Coalfire Stephanie Tayengco, VP of Technical Operations, Logicworks March 17, 2015 Speaker Introduction Bill Franklin,

More information

BKDconnect Security Overview

BKDconnect Security Overview BKDconnect Security Overview 1 Introduction 1.1 What is BKDconnect 1.2 Site Creation 1.3 Client Authentication and Access 2 Security Design 2.1 Confidentiality 2.1.1 Least Privilege and Role Based Security

More information

Security from a customer s perspective. Halogen s approach to security

Security from a customer s perspective. Halogen s approach to security September 18, 2015 Security from a customer s perspective Using a cloud-based talent management program can deliver tremendous benefits to your organization, including aligning your workforce, improving

More information

BDR TM V3.0 DEPLOYMENT AND FEATURES

BDR TM V3.0 DEPLOYMENT AND FEATURES BDR TM V3.0 DEPLOYMENT AND FEATURES VEMBU TECHNOLOGIES www.vembu.com Copyright Information Information in this document is subject to change without notice. The entire risk of the use or the results of

More information

Security Considerations

Security Considerations Concord Fax Security Considerations For over 15 years, Concord s enterprise fax solutions have helped many banks, healthcare professionals, pharmaceutical companies, and legal professionals securely deliver

More information

Cloud Computing: Risks and Auditing

Cloud Computing: Risks and Auditing IIA Chicago Chapter 53 rd Annual Seminar April 15, 2013, Donald E. Stephens Convention Center @IIAChicago #IIACHI Cloud Computing: Risks Auditing Phil Lageschulte/Partner/KPMG Sailesh Gadia/Director/KPMG

More information

ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213

ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213 ANDREW HERTENSTEIN Manager Microsoft Modern Datacenter and Azure Solutions En Pointe Technologies Phone 317-362-1213 Application Compatibility Many organizations have business critical or internally

More information

Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD)

Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Appendix E to DIR Contract Number DIR-TSO-2736 CLOUD SERVICES CONTENT (ENTERPRISE CLOUD & PRIVATE CLOUD) Enterprise Cloud Resource Pool Services Features Sungard AS will provide the following in connection

More information

TOP SECRETS OF CLOUD SECURITY

TOP SECRETS OF CLOUD SECURITY TOP SECRETS OF CLOUD SECURITY Protect Your Organization s Valuable Content Table of Contents Does the Cloud Pose Special Security Challenges?...2 Client Authentication...3 User Security Management...3

More information

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer Securing and Auditing Cloud Computing Jason Alexander Chief Information Security Officer What is Cloud Computing A model for enabling convenient, on-demand network access to a shared pool of configurable

More information

Hosting Services VITA Contract VA-120416-AISN (Statewide contract available to any public entity in the Commonwealth)

Hosting Services VITA Contract VA-120416-AISN (Statewide contract available to any public entity in the Commonwealth) Hosting Services VITA Contract VA-120416-AISN (Statewide contract available to any public entity in the Commonwealth) March 2014 Premier Provider of egov Services to the Commonwealth of Virginia Virginia

More information

Secure Hosting Services

<cloud> Secure Hosting Services Global Resources... Local Knowledge Figtree offers the functionality of Figtree Systems Software without the upfront infrastructure investment. It is the preferred deployment solution for organisations

More information

Managing Cloud Computing Risk

Managing Cloud Computing Risk Managing Cloud Computing Risk Presented By: Dan Desko; Manager, Internal IT Audit & Risk Advisory Services Schneider Downs & Co. Inc. ddesko@schneiderdowns.com Learning Objectives Understand how to identify

More information

Security Information & Policies

Security Information & Policies Security Information & Policies 01 Table of Contents OVERVIEW CHAPTER 1 : CHAPTER 2: CHAPTER 3: CHAPTER 4: CHAPTER 5: CHAPTER 6: CHAPTER 7: CHAPTER 8: CHAPTER 9: CHAPTER 10: CHAPTER 11: CHAPTER 12: CHAPTER

More information

BeBanjo Infrastructure and Security Overview

BeBanjo Infrastructure and Security Overview BeBanjo Infrastructure and Security Overview Can you trust Software-as-a-Service (SaaS) to run your business? Is your data safe in the cloud? At BeBanjo, we firmly believe that SaaS delivers great benefits

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

TRG Clients in the Cloud Today

TRG Clients in the Cloud Today Understanding Your Cloud Options for Microsoft Dynamics GP Presented by: Brady Curtis Building Now for Your Future TRG Clients in the Cloud Today Cloud 5% On Prem 95% Building Now For Your Future RG Connect

More information

Cloud Services Platform

Cloud Services Platform whitepaper Cloud Services Platform Security and Availability Controls Table of Contents Offering Statement... 3 Data Centers... 3 Software Upgrades... 4 Data Protection... 4 Availability... 5 Technology...

More information

Injazat s Managed Services Portfolio

Injazat s Managed Services Portfolio Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.

More information

Itron Cloud Services Offering

Itron Cloud Services Offering Itron Cloud Services Offering WHITE PAPER TABLE OF CONTENTS Introduction... 3 Types of Services... 3 Software as a Service (SaaS)...3 Managed Services...3 On-site Managed Services...3 Benefits... 3 Infrastructure...

More information

Cloud Services Platform. Security and Availability Controls Overview

Cloud Services Platform. Security and Availability Controls Overview Cloud Services Platform Security and Availability Controls Overview Table of Contents Offering Statement... 3 Data Centers... 3 Software Upgrades... 4 Data Protection... 5 Availability... 6 Technology...

More information

Own your own Enterprise Cloud with. FlexCloud

Own your own Enterprise Cloud with. FlexCloud Own your own Enterprise Cloud with FlexCloud What Problem do we solve? Traditional Virtualization Stack Data protection software applications PDU Backup Servers + Virtualization Storage Switch HA shared

More information

Information Technology General Controls Review (ITGC) Audit Program Prepared by:

Information Technology General Controls Review (ITGC) Audit Program Prepared by: Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the

More information

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous

More information

OPEN FOR EDUCATION. CampusNet - Managed Hosting services for Higher Education

OPEN FOR EDUCATION. CampusNet - Managed Hosting services for Higher Education OPEN FOR EDUCATION CampusNet - Managed services for Higher Education The partnership with CampusNet provides ForeFront Education with a fullservice hosting environment complete with staff who have product

More information

Security Document. Issued April 2014 Updated October 2014 Updated May 2015

Security Document. Issued April 2014 Updated October 2014 Updated May 2015 Security Document Issued April 2014 Updated October 2014 Updated May 2015 Table of Contents Issued April 2014... 1 Updated October 2014... 1 Updated May 2015... 1 State-of-the-art Security for Legal Data...

More information

Virtual Data Centre Public Cloud Simplicity Private Cloud Security

Virtual Data Centre Public Cloud Simplicity Private Cloud Security Virtual Data Centre Public Cloud Simplicity Private Cloud Security www.interoute.com Interoute Virtual Data Centre Virtual Data Centre (VDC) is Interoute s Enterprise class Infrastructure as a Service

More information

HIPAA Privacy & Security White Paper

HIPAA Privacy & Security White Paper HIPAA Privacy & Security White Paper Sabrina Patel, JD +1.718.683.6577 sabrina@captureproof.com Compliance TABLE OF CONTENTS Overview 2 Security Frameworks & Standards 3 Key Security & Privacy Elements

More information