Level I - Public. Technical Portfolio. Revised: July 2015
|
|
- Clare Bishop
- 8 years ago
- Views:
Transcription
1 Level I - Public Technical Portfolio Revised: July 2015
2 Table of Contents 1. INTRODUCTION About Imaginatik Taking Information Security Seriously 3 2. DATA CENTER SECURITY Data Center Requirements Business Continuity and Backup Physical Security Environmental Controls Fire Suppression Power Management 4 3. SYSTEM DESIGN Security Infrastructure Performance Virus Protection and Patching System Monitoring Change Management 6 4. SECURITY MANAGEMENT Security Framework Regulations Dedicated Information Security Officer User Authentication and Data Security System Access Management Legal Requirements 7
3
4 1. Introduction 1.1 About Imaginatik Imaginatik is the leading provider of innovation management solutions to the world s top organizations. Since 1996 Imaginatik has deployed hundreds of software installations with our proprietary innovation technology, Innovation Central. This platform helps harness an organization s creative minds and helps them collaborate to solve its most pressing issues. As such, Imaginatik is well-versed in managing top-level ideas that will become the next big competitive advantages for an organization. This document provides details about the security practices at Imaginatik that makes this idea management possible. To discover what Imaginatik can do for your organization visit. 1.2 Taking Information Security Seriously Imaginatik regards Information as a major corporate asset, which is to be protected and safeguarded in the same way as more tangible assets such as cash and other forms of intrinsic value. Information and the supporting processes, systems and networks are important business assets. Both the information and the technology are subject to various threats that, if realized, could result in direct financial loss to Imaginatik and its customers. At Imaginatik we have established strong security controls to prevent this. 2. Data Center Security 2.1 Data Center Requirements Imaginatik only uses data centers that are capable of meeting our customers stringent requirements. The data centers that we use are hosted in the US and the UK by organizations that are regularly audited and are either SOC-2 type II certified, SSAE 16 type II (formerly SAS 70) attested or ISO27001:2005 and ISO 9001:2008 certified. These provide us with network connectivity and dedicated servers ensuring that your data is held securely, enabling you to meet any compliance issues you may face in regards to audits your security team may otherwise require. The following is an example of some of the areas tested, examined and documented during the certification audits: Data Control, Security, Environmental Controls, Fire Suppression, UPS and Diesel Generator Backup, Physical Access Controls, Human Resource and Personnel Controls, Infrastructure, Bandwidth.
5 Our US data center is also Safe Harbor compliant. 2.2 Business Continuity and Backup Imaginatik has two data center providers, which allows us many options when it comes to disaster recovery. Daily off-site backups ensure that we have the ability to recover and rebuild customer environments even in the event of total loss of one data center. Interruptions to our service are extremely rare, most commonly being caused by network issues between the customer network and the Imaginatik data center concerned. In the event of a problem affecting a customer server, we will do everything possible to recover the service as quickly as possible. If this takes longer than a few minutes, the customer concerned will be notified and kept informed until normal service is resumed. If the service interruption looks likely to be extended then we will start to restore the existing environment on a server in the other data center. This will then normally be available for use within 72 hours of the disaster, although the annual Disaster Recovery test consistently shows restoration could be 24 hours, or less. The data used will be no more than one day out of date. 2.3 Physical Security The entire data center is monitored 24x7 by security cameras and on-site staff. Cameras are positioned at every entrance, each and every rack isle and customer cage areas. All security cameras are recorded. Card access controls, biometric identification and security guards are also in place to prevent unauthorized access. 2.4 Environmental Controls Indoor cooling systems provide precise, reliable control of the data center temperature, humidity, and airflow that improves operating conditions for sensitive electronic equipment. 2.5 Fire Suppression To prevent accidental sprinkler discharge, the data center is equipped with a zoned, dry-pipe, pre-action sprinkler system that requires two or more sensors to activate. 2.6 Power Management The US data center building is served by three ultra reliable underground grids configured in a spot network that allows any one grid to drop without interruption to the building power supply. An uninterruptible power supply (UPS) is maintained that insures against short-term interruptions of power. UPS's also regulate the quality of power so that all equipment receives constant line voltage.
6 The UK data center gets its power from dual independent power feeds, backed up by dual battery string Uninterrupted Power Supplies (UPS) systems (deployed as standard). It also features 6 x DELPHYS MX 3 phase 500 kva UPS from Socomec, providing fault tolerant architecture with built in N+1 redundancy. Put simply, if the world were to end, the data centers could still function for another 2 days! 3. SYSTEM DESIGN 3.1 Security Infrastructure Imaginatik offers a very comprehensive platform that makes use of the latest security features including: Continuous Availability - All customer environments use clustered servers with automatic failover, so that any outage on one server won t cause an interruption to your service. Optimized Performance - We make extensive use of load balancers to ensure consistently fast response times especially during peak usage. Network Security - Our networks are protected by powerful firewalls configured to follow industry best practices for network ingress/egress security. We also implement intrusion detection / prevention systems to protect our service. Advanced Content Distribution A huge network of over 95,000 servers deployed worldwide provide a secure, fast and reliable path to our data centers, ensuring that you get the fastest possible response times wherever your users are located. In addition, a monitoring system analyzes all activities on servers and triggers notifications to our engineers to quickly assess and respond to any service disruption issues or other events. Powerful encryption is utilized ensuring data within Innovation Central is protected both in transit and rest. 3.2 Performance Service availability for Innovation Central is an impressive 99.9%, excluding scheduled maintenance periods. We measure end-to-end response times not just as measured in our data centers, but right out to the end user on your network. Our target is to have key pages in Innovation Central load in less than two seconds on average. Our technology allows us to identify those customers whose networks are most in need of improvement, compared to those customers who are achieving very fast response times. This improves participation and enables those customers to get better results from their challenges.
7 3.3 Virus Protection and Patching Virus protection is enabled on all servers and is updated on a daily basis. Operating System patches are installed at least monthly. Application server patches are promptly installed, to allow our customers to benefit from improvements to the core software. 3.4 System Monitoring Network and server infrastructure is monitored for performance and outages. Technical staff are automatically notified if and when an outage or performance problem occurs. Customers are immediately notified of any incidents affecting their data. 3.5 Change Management All modifications to the production environment follow a documented change control procedure that describes the migration path from development to test to production. 4. SECURITY MANAGEMENT 4.1 Security Framework Regulations Our Policies and Procedures are based on ISO Standard 27002, which is a set of best practices to be adopted by organizations in order to implement proper information security. All members of Imaginatik staff have a responsibility to ensure the data they are exposed to is protected to the best of their abilities. The Information Security Policies that provide directions on how to achieve this are written in line with ISO This demonstrates to your security team that adequate safeguards and controls are in place to an international recognized standard for managing and processing data belonging to our customers. 4.2 Dedicated Information Security Officer Imaginatik employs a dedicated Information Security Officer who has over nine years experience of information security within a financially regulated environment. The Information Security Officer is responsible for advising the Company on all security matters, managing the overall strategic security program, performing security reviews, and ensuring non public client and company data is adequately protected. A key part of the Information Security Officer s role is the education of staff. This is achieved by performing security training which includes password management, secure management of client data, physical security of company equipment, management, internet usage and mobile computing.
8 4.3 User Authentication and Data Security Security has always been an integral part of Imaginatik s system design and quality assurance. The key security principles of Innovation Central include: Detailed role-based data security and authorization model. We have eight different roles available, allowing program administrators to configure access privileges to exactly the way they want them. User access management is fully delegated to the Innovation Central program administrators, ensuring that someone from your organization can configure security settings at any time. Password management (also configurable within Innovation Central) is based on bestpractice requirements and can be set to match your policies. User Administration. The administrator can manage user accounts directly. Users may also self-register. Self-registration can be limited to only individuals whose address domain matches a pre-selected list or it can be wide open. After a user self-registers; a validation is sent the user instructing them to click on a secured link which activates their account. If desired, we can establish a Single-Sign-On (SSO) access scheme that will allow you to use the login information in your own directory. Imaginatik has extensive experience in implementing SSO for Innovation Central with various systems. In most implementations, SAML 2.0 is used to provide SSO. 4.4 System Access Management Only Imaginatik employees who have a valid business reason (along with the clients approval when required) are granted access to client data. This is controlled by two-factor authentication using a One Time Password (OTP) and end-to end encryption. This gives the user access to a Secure Management Console (SMC) where client data can be accessed but cannot be downloaded onto the users computer or any other type of removal media device. 4.5 Legal Requirements Information in all its forms, particularly information about our clients, is one of the Company s most valuable assets. The security of that information and the adherence to the legal requirements around its storage and use is of paramount importance. In addition to regulatory requirements, Imaginatik has a strict information-protection policy to which every employee is required to adhere. Employees are also bound by a contract and Non Disclosure Agreement (NDA) and undergo full background checks during the new hire on-boarding process.
KeyLock Solutions Security and Privacy Protection Practices
KeyLock Solutions Overview KeyLock Solutions hosts its infrastructure at Heroku. Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout
More informationData Center Infrastructure & Managed Services Outline
Data Center Infrastructure & Managed Services Outline The 360 Technology Center Solutions Data Center is located in Lombard, IL, USA. We are 20 minutes outside of downtown Chicago. The 360TCS staff consists
More informationPowering the Cloud Desktop: OS33 Data Centers
OS33 Data Centers info@os33.com (866) 796-0310 www.os33.com It is hard to overstate the importance of security and uptime, which is why we obsess over making sure that your corporate information assets
More informationAutodesk PLM 360 Security Whitepaper
Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure
More informationFive keys to a more secure data environment
Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational
More informationSecure, Scalable and Reliable Cloud Analytics from FusionOps
White Paper Secure, Scalable and Reliable Cloud Analytics from FusionOps A FusionOps White Paper FusionOps 265 Santa Ana Court Sunnyvale, CA 94085 www.fusionops.com World-class security... 4 Physical Security...
More informationSITECATALYST SECURITY
SITECATALYST SECURITY Ensuring the Security of Client Data June 6, 2008 Version 2.0 CHAPTER 1 1 Omniture Security The availability, integrity and confidentiality of client data is of paramount importance
More informationProjectManager.com Security White Paper
ProjectManager.com Security White Paper Standards & Practices www.projectmanager.com Introduction ProjectManager.com (PM) developed its Security Framework to continue to provide a level of security for
More informationLas Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM
Las Vegas Datacenter Overview Product Overview and Data Sheet Product Data Sheet Maintaining a Software as a Service (SaaS) environment with market leading availability and security is something that Active
More informationData Center Application and Equipment Hosting Services Effective April 1, 2009 Revised March 7, 2011
Information Technology Data Center Application and Equipment Hosting Services Effective April 1, 2009 Revised This document outlines the services NUIT provides from the central data centers to host applications
More informationStratusLIVE for Fundraisers Cloud Operations
6465 College Park Square Virginia Beach, VA 23464 757-273-8219 (main) 757-962-6989 (fax) stratuslive.com Contents Security Services... 3 Rackspace Multi Layered Approach to Security... 3 Network... 3 Rackspace
More informationBOLDCHAT ARCHITECTURE & APPLICATION CONTROL
ARCHITECTURE & APPLICATION CONTROL A technical overview of BoldChat s security. INTRODUCTION LogMeIn offers consistently reliable service to its BoldChat customers and is vigilant in efforts to provide
More informationCONTENTS. Security Policy
CONTENTS PHYSICAL SECURITY (UK) PHYSICAL SECURITY (CHICAGO) PHYSICAL SECURITY (PHOENIX) PHYSICAL SECURITY (SINGAPORE) SYSTEM SECURITY INFRASTRUCTURE Vendor software updates Security first policy CUSTOMER
More informationBirst Security and Reliability
Birst Security and Reliability Birst is Dedicated to Safeguarding Your Information 2 Birst is Dedicated to Safeguarding Your Information To protect the privacy of its customers and the safety of their
More informationSecurity Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1
JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us
More informationSNAP WEBHOST SECURITY POLICY
SNAP WEBHOST SECURITY POLICY Should you require any technical support for the Snap survey software or any assistance with software licenses, training and Snap research services please contact us at one
More informationMAXIMUM DATA SECURITY with ideals TM Virtual Data Room
MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for
More informationItron Cloud Services Offering
Itron Cloud Services Offering WHITE PAPER TABLE OF CONTENTS Introduction... 3 Types of Services... 3 Software as a Service (SaaS)...3 Managed Services...3 On-site Managed Services...3 Benefits... 3 Infrastructure...
More informationOPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific documents requested,
More informationSecurity Controls for the Autodesk 360 Managed Services
Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices
More informationInformation Technology Security Procedures
Information Technology Security Procedures Prepared By: Paul Athaide Date Prepared: Dec 1, 2010 Revised By: Paul Athaide Date Revised: September 20, 2012 Version 1.2 Contents 1. Policy Procedures... 3
More informationFormFire Application and IT Security. White Paper
FormFire Application and IT Security White Paper Contents Overview... 3 FormFire Corporate Security Policy... 3 Organizational Security... 3 Infrastructure and Security Team... 4 Application Development
More informationOracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0
Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies
More informationSWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific
More informationSecurity Whitepaper: ivvy Products
Security Whitepaper: ivvy Products Security Whitepaper ivvy Products Table of Contents Introduction Overview Security Policies Internal Protocol and Employee Education Physical and Environmental Security
More informationDESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE
DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the
More informationClient Security Risk Assessment Questionnaire
Select the appropriate answer from the drop down in the column, and provide a brief description in the section. 1 Do you have a member of your organization with dedicated information security duties? 2
More informationHosted Exchange. Security Overview. Learn More: Call us at 877.634.2728. www.megapath.com
Security Overview Learn More: Call us at 877.634.2728. www.megapath.com Secure and Reliable Hosted Exchange Our Hosted Exchange service is delivered across an advanced network infrastructure, built on
More informationSecurity Document. Issued April 2014 Updated October 2014 Updated May 2015
Security Document Issued April 2014 Updated October 2014 Updated May 2015 Table of Contents Issued April 2014... 1 Updated October 2014... 1 Updated May 2015... 1 State-of-the-art Security for Legal Data...
More informationHIPAA Security Alert
Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information
More informationYubiCloud OTP Validation Service. Version 1.2
YubiCloud OTP Validation Service Version 1.2 5/12/2015 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection. The company s flagship product, the YubiKey, uniquely
More informationSecurity Practices, Architecture and Technologies
Security Practices, Architecture and Technologies CONTACT: 36 S. Wall Street Columbus, OH 43215 1-800-VAB-0300 www.viewabill.com 1 CONTENTS End-to-End Security Processes and Technologies... 3 Secure Architecture...
More informationWhite paper. SAS Solutions OnDemand Hosting Overview
White paper SAS Solutions OnDemand Hosting Overview Contents Overview...1 Cary 1 Facility Specifications...2 Cary 2 Facility Specifications (SAS New Cloud Computing Center)...3 Charlotte 1 Facility Specifications...4
More informationBMC s Security Strategy for ITSM in the SaaS Environment
BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...
More informationWhitepaper - Security e-messenger
Whitepaper 1 Security e-messenger Contents 1. Introduction Page 3 2. Data centre security and connection Page 3 a. Security Page 3 b. Power Page 3 c. Cooling Page 3 d. Fire suppression Page 3 3. Server
More informationDATA CENTER COLOCATION
DATA CENTER COLOCATION An easy decision, a difficult choice Differentiating one colocation provider from another can be a challenge. They all promise much the same service and it is tempting to select
More informationRemote Disaster Recovery Services Suite (nvision Edition)
Remote Disaster Recovery Services Suite (nvision Edition) Services Suite includes Remote Backup Service Comprehensive suite of services designed to get you back up and running quickly and successfully
More informationCreated By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee
Windows Server Security Best Practices Initial Document Created By: 2009 Windows Server Security Best Practices Committee Document Creation Date: August 21, 2009 Revision Revised By: 2014 Windows Server
More informationcolocation. perfected.
colocation. perfected. colocation perfected The expert team of COLO@ have the talent, tools, and facilities to power your operation all day, every day. Since 2008, COLO@ has been providing the critical
More informationIBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]
IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System
More informationDISASTER RECOVERY. Omniture Disaster Plan. June 2, 2008 Version 2.0
DISASTER RECOVERY Omniture Disaster Plan June 2, 2008 Version 2.0 CHAPTER 1 1 Disaster Recovery Plan Overview In the event that one of our data collection environments are unavailable due to an event,
More informationGiftWrap 4.0 Security FAQ
GiftWrap 4.0 Security FAQ The information presented here is current as of the date of this document, and may change from time-to-time, in order to reflect s ongoing efforts to maintain the highest levels
More informationXerox Litigation Services. In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk
Xerox Litigation Services In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk Your Highest Priority is also Your Greatest Challenge Data breaches are not just
More informationmodules 1 & 2. Section: Information Security Effective: December 2005 Standard: Server Security Standard Revised: Policy Ref:
SERVER SECURITY STANDARD Security Standards are mandatory security rules applicable to the defined scope with respect to the subject. Overview Scope Purpose Instructions Improperly configured systems,
More informationWoodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview
Houghton Mifflin Harcourt - Riverside (HMH - Riverside) is pleased to offer online scoring and reporting for Woodcock-Johnson IV (WJ IV) and Woodcock-Muñoz Language Survey Revised Normative Update (WMLS-R
More informationSupplier Security Assessment Questionnaire
HALKYN CONSULTING LTD Supplier Security Assessment Questionnaire Security Self-Assessment and Reporting This questionnaire is provided to assist organisations in conducting supplier security assessments.
More informationSecurity+ Guide to Network Security Fundamentals, Fourth Edition. Chapter 13 Business Continuity
Security+ Guide to Network Security Fundamentals, Fourth Edition Chapter 13 Business Continuity Objectives Define environmental controls Describe the components of redundancy planning List disaster recovery
More information7QUESTIONSYOUNEEDTOASKBEFORE CHOOSINGACOLOCATIONFACILITY FORYOURBUSINESS
7QUESTIONSYOUNEEDTOASKBEFORE CHOOSINGACOLOCATIONFACILITY FORYOURBUSINESS ExecutiveBrief P a g e 1 Executive Brief 7 Questions You Need to Ask Before Choosing a Colocation Facility for Your Business Choosing
More informationDropbox for Business. Secure file sharing, collaboration and cloud storage. G-Cloud Service Description
Dropbox for Business Secure file sharing, collaboration and cloud storage G-Cloud Service Description Table of contents Introduction to Dropbox for Business 3 Security 7 Infrastructure 7 Getting Started
More informationProjectplace: A Secure Project Collaboration Solution
Solution brief Projectplace: A Secure Project Collaboration Solution The security of your information is as critical as your business is dynamic. That s why we built Projectplace on a foundation of the
More informationFamly ApS: Overview of Security Processes
Famly ApS: Overview of Security Processes October 2015 Please consult http://famly.co for the latest version of this paper Page 1 of 10 Table of Contents 1. INTRODUCTION TO SECURITY AT FAMLY... 3 2. PHYSICAL
More informationcustom hosting for how you do business
custom hosting for how you do business 24775 League Island Boulevard Philadelphia PA 19112 gibraltarit.com 866.410.4427 Gibraltar s replicated cloud architecture and PCI/HIPAA compliant data centers provide
More informationSecuring the Service Desk in the Cloud
TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,
More informationKeyfort Cloud Services (KCS)
Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency
More informationThings You Need to Know About Cloud Backup
Things You Need to Know About Cloud Backup Over the last decade, cloud backup, recovery and restore (BURR) options have emerged as a secure, cost-effective and reliable method of safeguarding the increasing
More informationBlackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security
Overview Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Blackboard Collaborate web conferencing is available in a hosted environment and this document
More informationSaaS Security for the Confirmit CustomerSat Software
SaaS Security for the Confirmit CustomerSat Software July 2015 Arnt Feruglio Chief Operating Officer The Confirmit CustomerSat Software Designed for The Web. From its inception in 1997, the architecture
More informationby New Media Solutions 37 Walnut Street Wellesley, MA 02481 p 781-235-0128 f 781-235-9408 www.avitage.com Avitage IT Infrastructure Security Document
Avitage IT Infrastructure Security Document The purpose of this document is to detail the IT infrastructure security policies that are in place for the software and services that are hosted by Avitage.
More informationSecurity Information & Policies
Security Information & Policies 01 Table of Contents OVERVIEW CHAPTER 1 : CHAPTER 2: CHAPTER 3: CHAPTER 4: CHAPTER 5: CHAPTER 6: CHAPTER 7: CHAPTER 8: CHAPTER 9: CHAPTER 10: CHAPTER 11: CHAPTER 12: CHAPTER
More informationCloudDesk - Security in the Cloud INFORMATION
CloudDesk - Security in the Cloud INFORMATION INFORMATION CloudDesk SECURITY IN THE CLOUD 3 GOVERNANCE AND INFORMATION SECURITY 3 DATA CENTRES 3 DATA RESILIENCE 3 DATA BACKUP 4 ELECTRONIC ACCESS TO SERVICES
More informationHosted SharePoint: Questions every provider should answer
Hosted SharePoint: Questions every provider should answer Deciding to host your SharePoint environment in the Cloud is a game-changer for your company. The potential savings surrounding your time and money
More informationFully Managed Secure Data Sharing (a cloud service)
Protect your critical infrastructure, information & interactions Fully Managed Secure Data Sharing (a cloud service) working on behalf of What is Fully Managed Secure Data Share - FMSDS? Core Technology
More informationSecure and control how your business shares files using Hightail
HIGHTAIL FOR ENTERPRISE: SECURITY OVERVIEW Secure and control how your business shares files using Hightail Information the lifeblood of any business is potentially placed at risk every time digital files
More informationSAS 70 Type II Audits
Thinking from IntraLinks SAS 70 Type II Audits SAS 70 Type II Audits Ensuring Data Security, Reliability and Integrity If your organization shares sensitive data over the Internet, you need rigorous controls
More informationSupplier Information Security Addendum for GE Restricted Data
Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,
More informationUNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1
UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 As organizations unlock the true potential of meeting over the web as an alternative to costly and timeconsuming travel,
More informationDatacentre Studley. Dedicated managed environment for mission critical services. Six Degrees Group www.6dg.co.uk
Dedicated managed environment for mission critical services www.6dg.co.uk Our datacentres are the core of our business. At we own and manage 30,000 square feet of highly available, geographically diverse
More informationShareFile Security Overview
ShareFile Security Overview ShareFile Company Policy All ShareFile employees undergo full background checks and sign our information security policy prior to beginning employment with the company. The
More informationMEDIAROOM. Products Hosting Infrastructure Documentation. Introduction. Hosting Facility Overview
MEDIAROOM Products Hosting Infrastructure Documentation Introduction The purpose of this document is to provide an overview of the hosting infrastructure used for our line of hosted Web products and provide
More informationUse of Exchange Mail and Diary Service Code of Practice
Use of Exchange Mail and Diary Service Code of Practice Introduction This code of practice outlines the support mechanisms in place for the security of the Exchange mail and diary service. References are
More informationInformation Technology General Controls Review (ITGC) Audit Program Prepared by:
Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the
More informationSITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA
SITA Information Security SITA Security Requirements for Third-Party Service Providers that Access, Process, Store or Transmit Data on Behalf of SITA September, 2012 Contents 1. Introduction... 3 1.1 Overview...
More informationSecurity & Infra-Structure Overview
Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions... 4
More informationInfor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security
Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous
More information6Your Guide to a Superior
Data Center Pillars 6Your Guide to a Superior Data Center Solution 6 Data Center Pillars I. Classification Level: Tier III Compliance Assures Performance II. Backed by SAP: SSAE 16 Type II Certification
More informationPerceptive Software Platform Services
Perceptive Software Platform Services CLOUD SOLUTIONS process and content management Perceptive Software Platform Services Perceptive Software process and content management systems have been deployed
More informationInformation That Should Help You Sleep at Night
Box Security Overview Information That Should Help You Sleep at Night Box s security controls and the ability to turn on and off folder access are key for us. Brian Davis President, Net Generation More
More informationCloud Computing. Chapter 10 Disaster Recovery and Business Continuity and the Cloud
Cloud Computing Chapter 10 Disaster Recovery and Business Continuity and the Cloud Learning Objectives Define and describe business continuity. Define and describe disaster recovery. Describe the benefits
More information1 Introduction 2. 2 Document Disclaimer 2
Important: We take great care to ensure that all parties understand and appreciate the respective responsibilities relating to an infrastructure-as-a-service or self-managed environment. This document
More informationYubiCloud Validation Service. Version 1.1
YubiCloud Service Version 1.1 5/29/2012 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection. The company s flagship product, the YubiKey, uniquely combines
More informationUnderstanding Sage CRM Cloud
Understanding Sage CRM Cloud Data centre and platform security whitepaper Document version 2016 Table of Contents 1.0 Introduction 3 2.0 Sage CRM Cloud Data centre Infrastructure 4 2.1 Site location 4
More informationPrivacy + Security + Integrity
Privacy + Security + Integrity Docufree Corporation Data Security Checklist Security by Design Docufree is very proud of our security record and our staff works diligently to maintain the greatest levels
More informationCA Cloud Overview Benefits of the Hyper-V Cloud
Benefits of the Hyper-V Cloud For more information, please contact: Email: sales@canadianwebhosting.com Ph: 888-821-7888 Canadian Web Hosting (www.canadianwebhosting.com) is an independent company, hereinafter
More informationCHIS, Inc. Privacy General Guidelines
CHIS, Inc. and HIPAA CHIS, Inc. provides services to healthcare facilities and uses certain protected health information (PHI) in connection with performing these services. Therefore, CHIS, Inc. is classified
More informationCompany Overview & Product Information
Quick Facts: 1100 Clients Globally Operate 4 Data Centers 22 Points of Presence CDN About Network Redux Network Redux is an Enterprise Managed Solutions Provider. We develop, deploy and manage critical
More informationAPPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST
APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST Application Name: Vendor Name: Briefly describe the purpose of the application. Include an overview of the application architecture, and identify the data
More informationWhy SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?
SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several
More informationEnterprise level security, the Huddle way.
Enterprise level security, the Huddle way. Security whitepaper TABLE OF CONTENTS 5 Huddle s promise Hosting environment Network infrastructure Multiple levels of security Physical security System & network
More informationRetention & Destruction
Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of
More informationUniversity of Pittsburgh Security Assessment Questionnaire (v1.5)
Technology Help Desk 412 624-HELP [4357] technology.pitt.edu University of Pittsburgh Security Assessment Questionnaire (v1.5) Directions and Instructions for completing this assessment The answers provided
More informationIT - General Controls Questionnaire
IT - General Controls Questionnaire Internal Control Questionnaire Question Yes No N/A Remarks G1. ACCESS CONTROLS Access controls are comprised of those policies and procedures that are designed to allow
More informationNetSuite Data Center Fact Sheet
NetSuite Data Center Fact Sheet Enterprise-Class Data Management, Security, Performance and Availability NetSuite is the world s largest cloud ERP vendor, supporting over 20,000 organizations, processing
More informationTable of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.
FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer
More informationTechnical Overview N2EX
25.09.2014 Espen Døvle Technical Overview N2EX Nord Pool Spot AS Tel +47 6710 9100 Fax +47 6710 9101 PO Box 121, NO-1325 Lysaker, Norway Org nr. NO 984 058 098 MVA norway@npspot.com www.nordpoolspot.com
More informationTASK -040. TDSP Web Portal Project Cyber Security Standards Best Practices
Page 1 of 10 TSK- 040 Determine what PCI, NERC CIP cyber security standards are, which are applicable, and what requirements are around them. Find out what TRE thinks about the NERC CIP cyber security
More informationAltus UC Security Overview
Altus UC Security Overview Description Document Version D2.3 TABLE OF CONTENTS Network and Services Security 1. OVERVIEW... 1 2. PHYSICAL SECURITY... 1 2.1 FACILITY... 1 ENVIRONMENTAL SAFEGUARDS... 1 ACCESS...
More informationTroux Hosting Options
Troux Hosting Options Introducing Troux Hosting Options Benefits of a Hosted Troux Environment...3 Convenience...3 Time-to-Value...3 Reduced Cost of Ownership...3 Scalability and Flexibility...3 Security...4
More informationWhat is the Cloud, and why should it matter?
391 12 What is the Cloud, and why should it matter? 23 Everyone seems to be asking about it. No one seems to know exactly what it is, what they need, and where to find it. 4 A Philosophy of Design and
More informationensure prompt restart of critical applications and business activities in a timely manner following an emergency or disaster
Security Standards Symantec shall maintain administrative, technical, and physical safeguards for the Symantec Network designed to (i) protect the security and integrity of the Symantec Network, and (ii)
More informationFocus on your business and leave the disaster recovery planning to us. Data and server restoration from Green Cloud Technologies.
Focus on your business and leave the disaster recovery planning to us. Data and server restoration from Green Cloud Technologies. A reason to expect the unexpected. A recent Gartner Group study reported
More information