Adobe Analytics Data Workbench Managed Service Security

Size: px
Start display at page:

Download "Adobe Analytics Data Workbench Managed Service Security"

Transcription

1 Adobe Marketing Cloud White Paper Adobe Analytics Data Workbench Managed Service Security Table of contents 1. Network Operations Personnel Security 2. Data Backup and Archival Services and Policies 3. Continuity of Business and Redundancy Options 4. Change Control Processes 5. Availability and Performance Rating 6. Managed Service Security Infrastructure 7. Data Retention Policies 8. Access to Offline Data 9. Remote Data Integration 10. Remote Application Administration 11. Physical Security For our Managed Service Option, Adobe provides Adobe Analytics Premium clients with an outsourced, high quality delivery of our analysis, reporting, and data collection applications. As part of the process of establishing this service for a client, we provision, configure, manage, and maintain our software applications, including the underlying supporting software and all related hardware components. Our Managed Services include the support of related server operating systems, any third-party software, and other components necessary for the management and monitoring of the Managed Services environment. For our Managed Service solutions, Adobe provides a dedicated environment for operating the Data workbench platform. This begins with the base server hardware, which consists of high performance computing and storage servers based on either the Intel or AMD X86 architecture in a configuration optimized for high performance data analytics. Adobe provisions the systems, builds the configurations, installs the Operating System software and data workbench server software, tests the systems and deploys it in our secure hosting facility. The servers are designed for performance and reliability, with each machine containing redundant power supplies connected to separate power sources and having storage subsystems that utilize high performance RAID controllers for data access speed and reliability. We maintain an onsite reserve of spare components and equipment to deal with any hardware problems. Once deployed, the system is monitored and managed by a skilled team of systems and network professionals utilizing an array of network, systems and application management tools. This monitoring information is communicated to our 24/7 Network Operations Center to ensure that all systems are running at peak performance. Through a robust access control facility, which may be configured by a client administrator, authentication to the access control system is managed by X.509 PKI. RC4 128bit encryption is used with 1024 bit keys. Stronger ciphers may be substituted. In addition, further authorization may be provided by challenge response authentication and supported integration with corporate LDAP authorization infrastructures. We maintain security through the use of firewalls, intrusion detection, proprietary monitoring and network policies and procedures. We provide services to the U.S. Federal Government, financial institutions with GLB compliance requirements, and VeriSign, among other clients with the need for best-of-breed security. Our Security Model is comprised of the following layers: Network Operations Personnel Security Network Operations Center personnel take security very seriously and have implemented multiple procedures and technologies to maintain the security of our clients information. Adobe closely adheres to a strict Information Security Policy, and routinely conducts reviews and assessments, as well as a yearly audit conducted by an independent third party. Adobe adheres to all applicable legal and regulatory requirements, but is not beholden to any one security standard. To ensure personnel security, which is vital to any secure managed infrastructure, Adobe uses a thorough process to hire its employees. A third-party hiring service (HireRight) performs a seven-year background check on the following items: National Criminal Database

2 Court Records SSN History If the employee will have direct access to customer data, Executive approval is required and the following additional checks are performed: Motor Vehicle Records (MVR/DMV) Credit History Prohibited Parties (i.e. state/federal registries) Data Backup and Archival Services And Policies Upon server deployment, Adobe installs a configurable software Client on each server that communicates with a central backup repository and simultaneously performs backups to a dedicated multi-terabyte network-attached disk- and tape-based backup system. The system is configured to backup targeted data directories on a daily basis. The data targeted for backup includes the raw data, typically in a.vsl format, the profile and other significant data workbench configuration data, and any available integration data. The destination of the backup is to a dedicated network attached storage system provisioned with a minimum of one Terabyte of disk storage. The system is capable of expanding to multiple terabytes as needed. Having the backups reside on a disk subsystem makes the process of recovering the data much simpler and faster. The network used to backup the data is Gigabit Ethernet, which, given the higher network throughput, serves to shorten the time necessary to backup and recover data. On a once monthly basis, data is archived from the primary backup storage to disk- or tape-based portable media and delivered to a secure secondary site storage facility. All data is stored for the entire life of the contract, and data may be requested by client at any time during that time span or upon contract completion. As an option, Adobe can configure a number of high availability services engineered to support Continuity of Business requirements for redundant data collection or application and server availability. This includes the ability to replicate data in near-real-time to a secondary facility and configuring of additional server hardware to support data analysis at the secondary facility in the case of loss of connectivity to the primary facility. Continuity of Business and Redundancy Options As an option, Adobe can configure a number of high availability services engineered to support Continuity of Business requirements for redundant data collection or application and server availability. This includes the ability to replicate data in near-real-time to a secondary facility and configuring of additional server hardware to support data analysis at the secondary facility in the case of loss of connectivity to the primary facility. Adobe would be pleased to provide a quote for these services given a set of Continuity of Business objectives. Change Control Processes All system updates, environment changes and changes to the data workbench server environment are managed through the Adobe Managed Services change control process. The process begins with a work request generated out of our Ticket Management system, which tracks events from inception to completion. We utilize a testing/staging environment for validation prior to content deployment. Content is monitored continuously and any content changes generate notifications to Network Operations Center personnel. Any changes to content require strict change control procedure involving deployment to testing/staging environment. Change control is essential in all environments, as a change in a staging or development environment that creates a design flaw will typically be replicated to the production environment. Availability and Performance Monitoring Availability and performance monitoring is accomplished by utilizing a multi-pronged approach to systems and application management and monitoring. This is essentially using a combination of active, automated system and application monitoring tools, and the data workbench applications facility for self-diagnosis. We have deployed tools in our data center that continuously perform health-checks against the systems in running in 2

3 deployment. This includes monitors for items such as CPU utilization, network availability, disk space utilization, memory utilization, HTTP port availability, service state and functionality, event log errors, system board and CPU temperature, and numerous other data points. The active tools are set to alarm when a threshold is reached and the personnel at the Network Operations Center are alerted when an issue exists. In addition, the data workbench Server application has the ability to generate alarms when abnormal behavior is detected. Also, all systems management personnel routinely perform data workbench and network inspections of the systems to verify system performance and availability. Managed Service Security Infrastructure With respect to security services, Adobe has gone to great lengths to ensure that servers in the Adobe data center are protected both electronically and physically. This section describes the physical security aspect of the Adobe facility, the redundancies in place to protect the network, and corporate practices to protect Client data. Network Security Adobe employs a combination of Intrusion Detection Software and Automated Vulnerability Remediation technologies to secure the network and the systems running on the network. This is deployed in conjunction with high-performance firewall technologies to enforce a custom set of network-access rules designed for maximum security of the reporting and analytics applications operating in the client s dedicated environment. These rules are regularly monitored and updated to maintain a secure, managed environment. data workbench currently incorporates the Juniper Networks firewall solutions in a redundant configuration; this high-performance hardware firewall is capable of sustaining high bandwidth and connection rates. Firewall Protection Adobe employs high-performance hardware firewall appliances for securing the network from external network-based threats. Data workbench utilizes the Netscreen Firewall from Juniper Networks deployed in a redundant configuration; this high-performance and secure hardware firewall is capable of sustaining high bandwidth and high connection rates. We use a custom set of firewall-access rules designed for maximum security of the reporting and analytics applications operating in Client dedicated environment. These rules are regularly monitored and updated to maintain a secure, managed environment. Intrusion Detection We utilize a Network Intrusion Detection system for network-based threat detection. The system is capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, and OS fingerprinting attempts. Intrusion attempts generate alerts to the 24x7 Network Operations Center who engage immediately to resolve the issue. Data workbench employs Automated Vulnerability Remediation technologies to secure the server systems running on the network. This serves to secure the server Operating System and prevent any damage to data or applications in the unlikely event of system compromise by rogue applications or malware. The system also provides notification when system is vulnerable to comprise and requires Operating System software updates. Transmission Encryption All transmission links between our software products that leave our secured network are encrypted using SSL. Data workbench sensor transmits data to data workbench server using a single persistent HTTPS connection from anywhere on the Internet; the same is true for data transmission from data workbench server to data workbench client user interface. If any firewalls reside between data workbench sensor and data workbench server, or data workbench server and data workbench client, then HTTPS must be permitted between them through the firewall. All data transmissions are encrypted by default using SSL, RC4 128bit encryption though larger keys and other ciphers may be used in special situations upon request. Authentication 3

4 The data workbench platform PKI uses X.509 digital certificates to authenticate software components and users. Every data workbench client and named user is issued a revocable personal digital certificate that is installed on their computer to enable communications with appropriate data workbench servers. This certificate is initially locked to their computer and will not then enable access from another computer. If a digital certificate is presented that is invalid or that has not been specifically given permission to access any data on a given data workbench server, that user will be denied access. Our Report Portal has a User ID and password based authentication system that may be configured appropriately. In addition, the Report Portal may be run in HTTPS mode and or the certificate security services in the users browsers may be configured to support further authentication by X.509 certificate issued by Verisign. Data Segregation Adobe makes it a practice to deploy only dedicated infrastructure for the support of our managed services clients. This includes devices such as servers, storage, and network load-balancing switches. As a result, data collected on behalf of Adobe clients are stored separately and apart from another client s data. This isolation benefits our clients by creating a level of security and also assures that one client s systems operation will in no way affect that of another. Data Access Control The data workbench access control system is situated within data workbench server, which allows the control of access to any Profile and Dataset on a read-only or read-write basis to any named user or other application process. Multiple levels of access control are provided and may be configured remotely by a system administrator with appropriate rights. Rights may be granted based on a role, an organization, an organizational unit or an individual. This operation is performed remotely by an administrative user using the data workbench client interface. The administrator modifies the Access Control component of the application to allow the users and groups the privileges required. This configuration is typically performed upon initial setup and deployment by the Technical Account team after the requirements are gathered around the access control required for project team members and end users. Data Retention Policies Our policy for customer data retention and ownership states that the client owns all the data that we collect on their behalf and that the data is retained for the life of the contract. The raw data, stored in.vsl format, will be housed at Adobe secure hosting facility and will be sent directly to client upon contract termination or earlier if requested. To obtain the data earlier, client will need to make a written request to the account manager assigned to the project and specify the range of data required. There will be a nominal cost incurred for storage media, data retrieval and transportation. You can receive any of the collected data from our managed service solution at any time, as needed, or on a regular schedule such as daily, or weekly using the application s ability for data export. Data retention rates will vary depending on the size of the overall system deployed in support of the client and the rate in which data grows. The target range is to have data online for twelve consecutive months for data analysis purposes. This will mean that the raw data will be available for processing, which is the term Adobe uses to describe the process of preparing data for analytical use. Data workbench employs a predictive, analytical model to best calculate for the rate and quantity of data that will be generated over the coming year and recommends a system appropriately sized to accommodate the growth. The raw data beyond the twelve month period will be stored on near-line storage and is readily accessible to be placed online for processing, as long as client has the infrastructure provisioned to accommodate for it. All that data will be kept indefinitely, until the end of the contract. Report data, data that is generated by data workbench report on an interval basis and typically used for general report distribution, either via or thorough the Report Portal will be stored indefinitely as well, until the end of the contract. 4

5 Access to Offline Data If client chooses to send Adobe their offline data, we are prepared to accept it in several manners. Network and disk storage facilities will be provisioned at project inception to accommodate for client external data and can be made available. FTP or some other file transfer mechanism access can be provisioned if Client prefers. If the quantity of data is sufficiently large, client may choose to transport the data using external storage media via overnight delivery. If client has a requirement to support a specific data transfer mechanism, then Adobe can structure a support arrangement around that specific need given that any third party or custom software required for the deployment of the solution is procured by client. Remote Data Integration Procedures Our capability for integrating external data with the Web channel data collected by Data workbench sensors is flexible and adaptable to a wide range of data integration requirements. Remote data integration procedures vary based on the nature of the data being integrated. Data workbench client users, if so permissioned, can load data directly to the data workbench servers at the Managed Services data center. FTP is supported for the transfer of files to and from the Managed Services data center. In addition, data workbench server and data workbench report support other types of point-to-point data transmission. In each case, a change management process is defined for handling updates to the associated lookup files or other integration data, depending upon its nature, in order to meet client business requirements. Updated files can be loaded and integrated into the dataset processing for data workbench based on the frequency and schedule defined by client. Remote Application Administration Data workbench supports the remote administration of data workbench server and its components by a user with proper permissions. Adobe is sometimes contracted by our clients to remotely administer their Server software applications in times when they do not have appropriate staffing levels or have undergone turnover. This option allows clients who do not have internal administration staff to take advantage of running the data workbench solution in-house where advanced data integration may be implemented more readily. Physical Security Our data center facilities deliver multi-level physical security because mission-critical Internet operations require the highest-level of security. All areas of the center are monitored and recorded using CCTV, and all access points are controlled: All equipment arriving at the facility is checked by security personnel; All exterior entrances are equipped with silent alarms and the automatic notification of appropriate law enforcement officials; All exterior walls are bullet resistant; CCTV digital camera coverage of entire center with archival system; CCTV is integrated with access control and alarm system; Data center exteriors are fully anonymous and have no windows; Motion-detection is integrated with lighting and CCTV coverage; No keys are required all doors, including cages, are secured with biometric hand geometry readers; Perimeter is bounded by concrete bollards/planters; The facility is manned by onsite security on a 24x7x365 basis. Physical access to the data center facility is controlled by biometric hand geometry readers (manufactured by Recognition Systems) with a required pass code, and is restricted to authorized personnel only. The use of the hand geometry reader is required to: 5

6 Enter the man trap from the main entrance to the facility (data center can be entered only through this man trap); Leave the man trap and enter the main center; Enter the data center hosting area. Our data center facilities are also protected against any potential Environmental Security threats: Fire Suppression The Data Centers are protected with a dual-alarmed, dual-interlock multi- zoned, dry-pipe, water-based fire suppression system armed with sensory mechanisms (HSSD) to sample the air and give alarms prior to pressurization. Production area fire suppression is provided by a multi-zoned, pre-action, dry-pipe system. In order for the system to trip, multiple cross-linked events must occur. These include detection by ceiling mounted smoke heads and smoke sniffers located throughout the facility. Lastly a sprinkler head must trip in order for the dry- pipe system to activate. This requires a temperature of 140 degrees F at the head location. Fire suppression is localized at the event point only. Flood Control Data Center is built above sea-level, with no basements with tightly sealed conduits and moisture barriers on exterior walls. There are dedicated pump rooms, drainage/evacuation systems, and moisture detection sensors. Earthquakes Location-specific seismic compliance. Structural systems meet or exceed seismic design requirements of local building codes for lateral seismic design forces. In addition, equipment and nonstructural components, including cabinets, are anchored and braced in accordance with the requirements of the 1997 Uniform Building Code. Tornado The structural design will withstand any possible wind damage, although the facility was not specifically designed in accordance to any standards to withstand tornado damage, as tornados are a rare occurrence in Virginia. Electric Power Infrastructure Highly reliable power is imperative for critical client operations. The entire electrical system has built-in redundancy to guarantee continuous operation. The overall system is N+1 redundant, including each component within the parallel electrical systems: AC and DC raceways with 2N distribution; AC power delivery via distributed redundant UPS systems. Batteries with at least 7 minutes full load operation (diesel engine generators take roughly 8 seconds to synchronize and assume load); 48 hours worth of generator fuel; contracts with multiple fuel providers For more information Product details: Licensing inquiries: Contact information: Adobe Systems Incorporated 345 Park Avenue San Jose, CA USA Adobe, the Adobe logo, Acrobat, Acrobat Connect, ActionScript, Adobe Captivate, Authorware, Flash, and JRun are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Java is a trademark or registered trademark of Sun Microsystems, Inc. in the United States and other countries. All other trademarks are the property of their respective owners Adobe Systems Incorporated. All rights reserved. Printed in the USA /13 6

NeuStar Ultra Services Physical Security Overview

NeuStar Ultra Services Physical Security Overview NeuStar Ultra Services Physical Security Overview Mission-critical network operations must have the highest standards of quality, security and reliability. NeuStar Ultra Services currently locates its

More information

Powering the Cloud Desktop: OS33 Data Centers

Powering the Cloud Desktop: OS33 Data Centers OS33 Data Centers info@os33.com (866) 796-0310 www.os33.com It is hard to overstate the importance of security and uptime, which is why we obsess over making sure that your corporate information assets

More information

SITECATALYST SECURITY

SITECATALYST SECURITY SITECATALYST SECURITY Ensuring the Security of Client Data June 6, 2008 Version 2.0 CHAPTER 1 1 Omniture Security The availability, integrity and confidentiality of client data is of paramount importance

More information

vcloud SERVICE Virtual Tech in partnership with Equinix - vcloud Service

vcloud SERVICE Virtual Tech in partnership with Equinix - vcloud Service vcloud SERVICES vcloud SERVICE Virtual Tech offers competitive pricing on vcloud hosted services at our world class Tier 4 data centre facility fully equipped with redundant power, cooling, internet connectivity

More information

FormFire Application and IT Security. White Paper

FormFire Application and IT Security. White Paper FormFire Application and IT Security White Paper Contents Overview... 3 FormFire Corporate Security Policy... 3 Organizational Security... 3 Infrastructure and Security Team... 4 Application Development

More information

World Class Data Center Features Our best practices for world class performance, reliability and service. echomountain - Rock Solid

World Class Data Center Features Our best practices for world class performance, reliability and service. echomountain - Rock Solid echomountain - Rock Solid World Class Data Center Features Our best practices for world class performance, reliability and service 877.311.1980 sales@echomountain.com www.echomountain.com Best-Practices

More information

Altus UC Security Overview

Altus UC Security Overview Altus UC Security Overview Description Document Version D2.3 TABLE OF CONTENTS Network and Services Security 1. OVERVIEW... 1 2. PHYSICAL SECURITY... 1 2.1 FACILITY... 1 ENVIRONMENTAL SAFEGUARDS... 1 ACCESS...

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

Security and Data Center Overview

Security and Data Center Overview Security and Data Center Overview September, 2012 For more information, please contact: Matt McKinney mattm@canadianwebhosting.com 888-821-7888 x 7201 Canadian Web Hosting (www.canadianwebhosting.com)

More information

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM Las Vegas Datacenter Overview Product Overview and Data Sheet Product Data Sheet Maintaining a Software as a Service (SaaS) environment with market leading availability and security is something that Active

More information

Information Technology General Controls Review (ITGC) Audit Program Prepared by:

Information Technology General Controls Review (ITGC) Audit Program Prepared by: Information Technology General Controls Review (ITGC) Audit Program Date Prepared: 2012 Internal Audit Work Plan Objective: IT General Controls (ITGC) address the overall operation and activities of the

More information

Vendor Questionnaire

Vendor Questionnaire Instructions: This questionnaire was developed to assess the vendor s information security practices and standards. Please complete this form as completely as possible, answering yes or no, and explaining

More information

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security

Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Overview Blackboard Collaborate Web Conferencing Hosted Environment Technical Infrastructure and Security Blackboard Collaborate web conferencing is available in a hosted environment and this document

More information

Keyfort Cloud Services (KCS)

Keyfort Cloud Services (KCS) Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency

More information

Security Controls for the Autodesk 360 Managed Services

Security Controls for the Autodesk 360 Managed Services Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices

More information

ProjectManager.com Security White Paper

ProjectManager.com Security White Paper ProjectManager.com Security White Paper Standards & Practices www.projectmanager.com Introduction ProjectManager.com (PM) developed its Security Framework to continue to provide a level of security for

More information

Xerox DocuShare Security Features. Security White Paper

Xerox DocuShare Security Features. Security White Paper Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a

More information

Famly ApS: Overview of Security Processes

Famly ApS: Overview of Security Processes Famly ApS: Overview of Security Processes October 2015 Please consult http://famly.co for the latest version of this paper Page 1 of 10 Table of Contents 1. INTRODUCTION TO SECURITY AT FAMLY... 3 2. PHYSICAL

More information

Tk20 Network Infrastructure

Tk20 Network Infrastructure Tk20 Network Infrastructure Tk20 Network Infrastructure Table of Contents Overview... 4 Physical Layout... 4 Air Conditioning:... 4 Backup Power:... 4 Personnel Security:... 4 Fire Prevention and Suppression:...

More information

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE DESIGNATED CONTRACT MARKET OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the

More information

Understanding Sage CRM Cloud

Understanding Sage CRM Cloud Understanding Sage CRM Cloud Data centre and platform security whitepaper Document version 2016 Table of Contents 1.0 Introduction 3 2.0 Sage CRM Cloud Data centre Infrastructure 4 2.1 Site location 4

More information

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 As organizations unlock the true potential of meeting over the web as an alternative to costly and timeconsuming travel,

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches transparently Allows only white-listed applications to run in workstations Provides virus protection for Ovation Windows workstations

More information

Security and Managed Services

Security and Managed Services iconnect Cloud Archive System Overview Security and Managed Services iconnect Cloud Archive (formerly known as Merge Honeycomb ) iconnect Cloud Archive offers cloud-based storage for medical images. Images

More information

Alice. Software as a Service(SaaS) Delivery Platform. innovation is simplicity

Alice. Software as a Service(SaaS) Delivery Platform. innovation is simplicity Ekartha, Inc. 63 Cutter Mill Road Great Neck, N.Y. 11021 Tel.: (516) 773-3533 Ekartha India Pvt. Ltd. 814/B Law College Road Demech House, 4th Floor Erandwane, Pune, India Email: info@ekartha.com Web:

More information

by New Media Solutions 37 Walnut Street Wellesley, MA 02481 p 781-235-0128 f 781-235-9408 www.avitage.com Avitage IT Infrastructure Security Document

by New Media Solutions 37 Walnut Street Wellesley, MA 02481 p 781-235-0128 f 781-235-9408 www.avitage.com Avitage IT Infrastructure Security Document Avitage IT Infrastructure Security Document The purpose of this document is to detail the IT infrastructure security policies that are in place for the software and services that are hosted by Avitage.

More information

800 319 5581 800 319 5582 Fax www.protectmyministry.com www.mobilizemyministry.com

800 319 5581 800 319 5582 Fax www.protectmyministry.com www.mobilizemyministry.com 800 319 5581 800 319 5582 Fax www.protectmyministry.com www.mobilizemyministry.com Protect My Ministry websites including www.ministryopportunities.org have the following SSL Certificates and protection:

More information

Security & Infra-Structure Overview

Security & Infra-Structure Overview Security & Infra-Structure Overview Contents KantanMT Platform Security... 2 Customer Data Protection... 2 Application Security... 2 Physical and Environmental Security... 3 ecommerce Transactions... 4

More information

PRIVACY, SECURITY AND THE VOLLY SERVICE

PRIVACY, SECURITY AND THE VOLLY SERVICE PRIVACY, SECURITY AND THE VOLLY SERVICE Delight Delivered by EXECUTIVE SUMMARY The Volly secure digital delivery service from Pitney Bowes is a closed, secure, end-to-end system that consolidates and delivers

More information

Enterprise Security Model in SAS Environment

Enterprise Security Model in SAS Environment Enterprise Security Model in SAS Environment WHITE PAPER Enterprise Security Model in SAS Environment Emerging internet threats coupled with strict compliance requirements of banks, financial institutions,

More information

BOWMAN SYSTEMS SECURING CLIENT DATA

BOWMAN SYSTEMS SECURING CLIENT DATA BOWMAN SYSTEMS SECURING CLIENT DATA 2012 Bowman Systems L.L.C. All Rights Reserved. This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered

More information

Privacy + Security + Integrity

Privacy + Security + Integrity Privacy + Security + Integrity Docufree Corporation Data Security Checklist Security by Design Docufree is very proud of our security record and our staff works diligently to maintain the greatest levels

More information

Remote Services. Managing Open Systems with Remote Services

Remote Services. Managing Open Systems with Remote Services Remote Services Managing Open Systems with Remote Services Reduce costs and mitigate risk with secure remote services As control systems move from proprietary technology to open systems, there is greater

More information

Xerox DocuShare Private Cloud Service. Security White Paper

Xerox DocuShare Private Cloud Service. Security White Paper Xerox DocuShare Private Cloud Service Security White Paper Table of Contents Overview 3 Adherence to Proven Security Practices 3 Highly Secure Data Centers 4 Three-Tier Architecture 4 Security Layers Safeguard

More information

MEDIAROOM. Products Hosting Infrastructure Documentation. Introduction. Hosting Facility Overview

MEDIAROOM. Products Hosting Infrastructure Documentation. Introduction. Hosting Facility Overview MEDIAROOM Products Hosting Infrastructure Documentation Introduction The purpose of this document is to provide an overview of the hosting infrastructure used for our line of hosted Web products and provide

More information

Secure Your Source Code and Digital Assets

Secure Your Source Code and Digital Assets Hosted PRESENTS... Secure Your Source Code and Digital Assets - World's 1st Hosted SCM Solution Studies show that companies of all sizes have begun adopting SaaS (Software as a Service) solutions in a

More information

Hosted Testing and Grading

Hosted Testing and Grading Hosted Testing and Grading Technical White Paper July 2014 www.lexmark.com Lexmark and Lexmark with diamond design are trademarks of Lexmark International, Inc., registered in the United States and/or

More information

Premier Services Program (PSP) Tools: Security Overview

Premier Services Program (PSP) Tools: Security Overview Premier Services Program (PSP) Tools: Security Overview Software Version 3.0 Extreme Networks, Inc. 3585 Monroe Street Santa Clara, California 95051 (888) 257-3000 (408) 579-2800 http://www.extremenetworks.com

More information

Achieving PCI Compliance with Red Hat Enterprise Linux. June 2009

Achieving PCI Compliance with Red Hat Enterprise Linux. June 2009 Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving

More information

WebEx Security Overview Security Documentation

WebEx Security Overview Security Documentation WebEx Security Overview Security Documentation 8/1/2003: WebEx Communications Inc. WebEx Security Overview WebEx Security Overview Introduction WebEx Communications, Inc. provides real-time communication

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee

Created By: 2009 Windows Server Security Best Practices Committee. Revised By: 2014 Windows Server Security Best Practices Committee Windows Server Security Best Practices Initial Document Created By: 2009 Windows Server Security Best Practices Committee Document Creation Date: August 21, 2009 Revision Revised By: 2014 Windows Server

More information

Security Whitepaper: ivvy Products

Security Whitepaper: ivvy Products Security Whitepaper: ivvy Products Security Whitepaper ivvy Products Table of Contents Introduction Overview Security Policies Internal Protocol and Employee Education Physical and Environmental Security

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Symantec Managed Security Services support for IT compliance Solution Overview: Symantec Managed Services Overviewview The (PCI DSS) was developed to facilitate the broad adoption of consistent data security

More information

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public] IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System

More information

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013

CS 356 Lecture 25 and 26 Operating System Security. Spring 2013 CS 356 Lecture 25 and 26 Operating System Security Spring 2013 Review Chapter 1: Basic Concepts and Terminology Chapter 2: Basic Cryptographic Tools Chapter 3 User Authentication Chapter 4 Access Control

More information

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 Table of Contents 1. Operational Security 2. Physical Security 3. Network

More information

SAS 70 Type II Audits

SAS 70 Type II Audits Thinking from IntraLinks SAS 70 Type II Audits SAS 70 Type II Audits Ensuring Data Security, Reliability and Integrity If your organization shares sensitive data over the Internet, you need rigorous controls

More information

Autodesk PLM 360 Security Whitepaper

Autodesk PLM 360 Security Whitepaper Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure

More information

Ovation Security Center Data Sheet

Ovation Security Center Data Sheet Features Scans for vulnerabilities Discovers assets Deploys security patches easily Allows only white-listed applications in workstations to run Provides virus protection for Ovation Windows stations Aggregates,

More information

SaaS Security for the Confirmit CustomerSat Software

SaaS Security for the Confirmit CustomerSat Software SaaS Security for the Confirmit CustomerSat Software July 2015 Arnt Feruglio Chief Operating Officer The Confirmit CustomerSat Software Designed for The Web. From its inception in 1997, the architecture

More information

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1 JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us

More information

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency

The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency logo The Panoptix Building Efficiency Solution: Ensuring a Secure Delivery of Building Efficiency Understanding the Multiple Levels of Security Built Into the Panoptix Solution Published: October 2011

More information

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc.

Considerations In Developing Firewall Selection Criteria. Adeptech Systems, Inc. Considerations In Developing Firewall Selection Criteria Adeptech Systems, Inc. Table of Contents Introduction... 1 Firewall s Function...1 Firewall Selection Considerations... 1 Firewall Types... 2 Packet

More information

Recommended IP Telephony Architecture

Recommended IP Telephony Architecture Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings

More information

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Secure, Scalable and Reliable Cloud Analytics from FusionOps White Paper Secure, Scalable and Reliable Cloud Analytics from FusionOps A FusionOps White Paper FusionOps 265 Santa Ana Court Sunnyvale, CA 94085 www.fusionops.com World-class security... 4 Physical Security...

More information

COORDINATED THREAT CONTROL

COORDINATED THREAT CONTROL APPLICATION NOTE COORDINATED THREAT CONTROL Interoperability of Juniper Networks IDP Series Intrusion Detection and Prevention Appliances and SA Series SSL VPN Appliances Copyright 2010, Juniper Networks,

More information

OVERVIEW. IQmedia Networks Technical Brief

OVERVIEW. IQmedia Networks Technical Brief IQmedia Networks Technical Brief From enterprise-sized corporations, to simple home-based businesses, all companies have information that is important to their success and that needs to be protected. Data

More information

Retention & Destruction

Retention & Destruction Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of

More information

GFI White Paper PCI-DSS compliance and GFI Software products

GFI White Paper PCI-DSS compliance and GFI Software products White Paper PCI-DSS compliance and Software products The Payment Card Industry Data Standard () compliance is a set of specific security standards developed by the payment brands* to help promote the adoption

More information

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99% Security overview Collaborate on your projects in a secure environment Thousands of businesses, including Fortune 500 corporations, trust Wrike for managing their projects through collaboration in the

More information

Information Technology Solutions. Managed IT Services

Information Technology Solutions. Managed IT Services Managed IT Services System downtime, viruses, spyware, lost productivity; if these problems are impacting your business, it is time to make technology work for you. At ITS, we understand the importance

More information

GlobalSCAPE DMZ Gateway, v1. User Guide

GlobalSCAPE DMZ Gateway, v1. User Guide GlobalSCAPE DMZ Gateway, v1 User Guide GlobalSCAPE, Inc. (GSB) Address: 4500 Lockhill-Selma Road, Suite 150 San Antonio, TX (USA) 78249 Sales: (210) 308-8267 Sales (Toll Free): (800) 290-5054 Technical

More information

ITAR Compliant Data Exchange

ITAR Compliant Data Exchange ITAR Compliant Data Exchange Managing ITAR Data Across Collaborative Project Teams WebSpace Customers Aerospace & Defense Manufacturing High Tech & Contract Manufacturing Automotive Manufacturing Medical/

More information

GiftWrap 4.0 Security FAQ

GiftWrap 4.0 Security FAQ GiftWrap 4.0 Security FAQ The information presented here is current as of the date of this document, and may change from time-to-time, in order to reflect s ongoing efforts to maintain the highest levels

More information

Improving the Customer Support Experience with NetApp Remote Support Agent

Improving the Customer Support Experience with NetApp Remote Support Agent NETAPP WHITE PAPER Improving the Customer Support Experience with NetApp Remote Support Agent Ka Wai Leung, NetApp April 2008 WP-7038-0408 TABLE OF CONTENTS 1 INTRODUCTION... 3 2 NETAPP SUPPORT REMOTE

More information

Netop Environment Security. Unified security to all Netop products while leveraging the benefits of cloud computing

Netop Environment Security. Unified security to all Netop products while leveraging the benefits of cloud computing Netop Environment Security Unified security to all Netop products while leveraging the benefits of cloud computing Contents Introduction... 2 AWS Infrastructure Security... 3 Standards - Compliancy...

More information

Cloud Contact Center. Security White Paper

Cloud Contact Center. Security White Paper Cloud Contact Center Security White Paper Introduction Customers communicate with organizations in a variety of forms from phone conversations to email, web chat and social media. As each interaction may

More information

Exhibit to Data Center Services Service Component Provider Master Services Agreement

Exhibit to Data Center Services Service Component Provider Master Services Agreement Exhibit to Data Center Services Service Component Provider Master Services Agreement DIR Contract No. DIR-DCS-SCP-MSA-002 Between The State of Texas, acting by and through the Texas Department of Information

More information

Secure Networks for Process Control

Secure Networks for Process Control Secure Networks for Process Control Leveraging a Simple Yet Effective Policy Framework to Secure the Modern Process Control Network An Enterasys Networks White Paper There is nothing more important than

More information

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific documents requested,

More information

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc. Company Co. Inc. LLC Multiple Minds, Singular Results LAN Domain Network Security Best Practices An integrated approach to securing Company Co. Inc. LLC s network Written and Approved By: Geoff Lacy, Tim

More information

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous

More information

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations

Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations Symantec Endpoint Protection 11.0 Architecture, Sizing, and Performance Recommendations Technical Product Management Team Endpoint Security Copyright 2007 All Rights Reserved Revision 6 Introduction This

More information

InterCall Streaming Services Security Planning and Testing

InterCall Streaming Services Security Planning and Testing InterCall Streaming Services Security Planning and Testing In the U.S.: 800.374.2441 www.intercall.com info@intercall.com In Canada: 877.333.2666 www.intercall.ca Application InterCall Streaming Services

More information

Administering the Web Server (IIS) Role of Windows Server

Administering the Web Server (IIS) Role of Windows Server Course 10972A: Administering the Web Server (IIS) Role of Windows Server Course Details Course Outline Module 1: Overview and Installing Internet Information Services In this module students will learn

More information

KeyLock Solutions Security and Privacy Protection Practices

KeyLock Solutions Security and Privacy Protection Practices KeyLock Solutions Overview KeyLock Solutions hosts its infrastructure at Heroku. Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout

More information

Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed)

Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed) Version: Modified By: Date: Approved By: Date: 1.0 Michael Hawkins October 29, 2013 Dan Bowden November 2013 Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed) 01.1 Purpose

More information

Hardware/Software Deployment Strategies. Introduction to Information System Components. Chapter 1 Part 4 of 4 CA M S Mehta, FCA

Hardware/Software Deployment Strategies. Introduction to Information System Components. Chapter 1 Part 4 of 4 CA M S Mehta, FCA Hardware/Software Deployment Strategies Introduction to Information System Components Chapter 1 Part 4 of 4 CA M S Mehta, FCA 1 Hardware/Software Deployment Strategies Learning Objectives Task Statements

More information

CONTENTS. Security Policy

CONTENTS. Security Policy CONTENTS PHYSICAL SECURITY (UK) PHYSICAL SECURITY (CHICAGO) PHYSICAL SECURITY (PHOENIX) PHYSICAL SECURITY (SINGAPORE) SYSTEM SECURITY INFRASTRUCTURE Vendor software updates Security first policy CUSTOMER

More information

UCS Level 2 Report Issued to

UCS Level 2 Report Issued to UCS Level 2 Report Issued to MSPAlliance Unified Certification Standard (UCS) Report Copyright 2014 www.mspalliance.com/ucs info@mspalliance.com Welcome to the UCS report which stands for Unified Certification

More information

A Buyer's Guide to Data Loss Protection Solutions

A Buyer's Guide to Data Loss Protection Solutions A Buyer's Guide to Data Loss Protection Solutions 2010 Websense, Inc. All rights reserved. Websense is a registered trademark of Websense, Inc. in the United States and certain international markets. Websense

More information

Storage Guardian Remote Backup Restore and Archive Services

Storage Guardian Remote Backup Restore and Archive Services Storage Guardian Remote Backup Restore and Archive Services Storage Guardian is the unique alternative to traditional backup methods, replacing conventional tapebased backup systems with a fully automated,

More information

CloudDesk - Security in the Cloud INFORMATION

CloudDesk - Security in the Cloud INFORMATION CloudDesk - Security in the Cloud INFORMATION INFORMATION CloudDesk SECURITY IN THE CLOUD 3 GOVERNANCE AND INFORMATION SECURITY 3 DATA CENTRES 3 DATA RESILIENCE 3 DATA BACKUP 4 ELECTRONIC ACCESS TO SERVICES

More information

Woodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview

Woodcock-Johnson and Woodcock-Muñoz Language Survey Revised Normative Update Technical and Data Security Overview Houghton Mifflin Harcourt - Riverside (HMH - Riverside) is pleased to offer online scoring and reporting for Woodcock-Johnson IV (WJ IV) and Woodcock-Muñoz Language Survey Revised Normative Update (WMLS-R

More information

SUPPLIER SECURITY STANDARD

SUPPLIER SECURITY STANDARD SUPPLIER SECURITY STANDARD OWNER: LEVEL 3 COMMUNICATIONS AUTHOR: LEVEL 3 GLOBAL SECURITY AUTHORIZER: DALE DREW, CSO CURRENT RELEASE: 12/09/2014 Purpose: The purpose of this Level 3 Supplier Security Standard

More information

NMS300 Network Management System

NMS300 Network Management System NMS300 Network Management System User Manual June 2013 202-11289-01 350 East Plumeria Drive San Jose, CA 95134 USA Support Thank you for purchasing this NETGEAR product. After installing your device, locate

More information

TOTAL VIEW ONE Technical FAQ

TOTAL VIEW ONE Technical FAQ TOTAL VIEW ONE Technical FAQ System Overview What kind of data does TVO provide and how is it effectively delivered? TVO mirrors and records the state of every connection to deliver actionable real-time

More information

Designing a security policy to protect your automation solution

Designing a security policy to protect your automation solution Designing a security policy to protect your automation solution September 2009 / White paper by Dan DesRuisseaux 1 Contents Executive Summary... p 3 Introduction... p 4 Security Guidelines... p 7 Conclusion...

More information

Securing the Service Desk in the Cloud

Securing the Service Desk in the Cloud TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

Network Defense Tools

Network Defense Tools Network Defense Tools Prepared by Vanjara Ravikant Thakkarbhai Engineering College, Godhra-Tuwa +91-94291-77234 www.cebirds.in, www.facebook.com/cebirds ravikantvanjara@gmail.com What is Firewall? A firewall

More information

FINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE

FINAL DoIT 04.01.2013- v.8 APPLICATION SECURITY PROCEDURE Purpose: This procedure identifies what is required to ensure the development of a secure application. Procedure: The five basic areas covered by this document include: Standards for Privacy and Security

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

GE Measurement & Control. Cyber Security for NEI 08-09

GE Measurement & Control. Cyber Security for NEI 08-09 GE Measurement & Control Cyber Security for NEI 08-09 Contents Cyber Security for NEI 08-09...3 Cyber Security Solution Support for NEI 08-09...3 1.0 Access Contols...4 2.0 Audit And Accountability...4

More information