ProjectManager.com Security White Paper

Size: px
Start display at page:

Download "ProjectManager.com Security White Paper"

Transcription

1 ProjectManager.com Security White Paper Standards & Practices

2 Introduction ProjectManager.com (PM) developed its Security Framework to continue to provide a level of security for its clients commensurate with the times. The PM Security Framework consists of standards and practices that form a multi-tiered approach to safeguarding data integrity and confidentiality, as well as infrastructure and network stability. The Framework also embeds best practices for industry compliance through internal review and audits to maintain the most up-to-date security practices and protocols. The ProjectManager.com (PM) Security Framework includes: Application Security Network & Infrastructure Security Data Security Organizational Security Cloud Security Industry Compliance Keeping our customers data secure is core to our product development and testing processes, our customer service practices and our vetting of technology partners. About ProjectManager.com ProjectManager.com is a leading project management and work collaboration software-as-aservice (SaaS) platform. The simple yet powerful online project management tools enable teams throughout the enterprise to plan, track, monitor and report on tasks and projects in real-time. Since 2008, thousands of customers, including Fortune 500 companies and government agencies like NASA and the United Nations trust ProjectManager.com to manage their projects in the cloud. Teams of all sizes across a wide range of industries use ProjectManager.com for IT development, manufacturing processes, marketing campaigns, product launches, and civil engineering projects. The platform offers a comprehensive API and is also integrated with Google Apps, Zapier, MSProject and Excel. 2 ProjectManager.com Security White Paper

3 Application Security Cloud Authentication SINGLE SIGN-ON (SSO) The ProjectManager.com platform integrates with OneLogin to provide single sign-on solutions for all users. The OneLogin SSO service support organizations looking to implement two-factor authentication, a more secure process for validating and verifying identity. We also support SSO through Google Apps for Work. SESSION TIME-OUT To secure user accounts, ProjectManager.com enables an application sign-out after extended periods of inactivity. If you enable the auto-save data feature on your account, you can customize how often your data is auto-saved and ensure any changes since the last save are recorded in the event of session time-out. Once a session has timed out, users must re-login to their account. FORMS AUTHENTICATION All ProjectManager.com users are required to have a unique ID and password. Administrators in ProjectManager.com accounts manage and control individual user security and permissions, including adding or subtracting user licenses. Credentials are submitted through secured communications port (HTTPS/443) in order to establish a secure connection with the ProjectManager.com cloud. Users are not required to download or install software to access data or projects. Password Policy SECURE PASSWORD POLICY The secure password policy governs the creation and protection of the user s account data. Every ProjectManager.com user must have a unique account ID and password in order to access the service. Passwords are passed through to the web server and browser to the 3 ProjectManager.com Security White Paper

4 account online through a hypertext protocol secured connection (HTTPS), an industry-standard encryption protocol. ACCOUNT LOCKOUT As an added measure of protection against brute force attacks, ProjectManager.com initiates an account lockout policy. After numerous unsuccessful login attempts, the account will be locked. Security & Testing Processes The ProjectManager.com software development life cycle embeds defined security processes aligned with best practices into every phase. Defined application security processes are embedded into every phase of ProjectManager.com s software development life cycle (SDLC). Our team: Researches and adopts SaaS & Cloud Infrastructure security best practices Regularly conducts security reviews of architecture, new features, integrations and cross-platform solutions Conducts manual and automated source code reviews for vulnerabilities and code quality. Performs regular reviews and assessment of pre-production environments Encryption ENCRYPTION ProjectManager.com uses 256bit SSL encryption to safeguard customer data and our sites are protected by 2048bit Digicert certificates. All data between the user browser and the ProjectManager.com cloud is established through an HTTPS connection. This connection encrypts the communication and secures the web server identity. PASSWORD STORAGE ENCRYPTION All passwords stored on the ProjectManager.com cloud servers are encrypted using an industry-standard cryptographic safeguard to deploy additional layers of security. 4 ProjectManager.com Security White Paper

5 Network & Infrastructure Security Data Centers The ProjectManager.com cloud application is hosted by LiquidWeb in their highly secure data centers in Michigan Data Center. The ProjectManager.com dedicated servers have a global uptime average of >99.999% with Tier 1 Premium Bandwidth. DATA CENTER CERTIFICATES The ProjectManager.com servers meet the following standards for certification and compliance: SSAE-16 Audit Compliance HIPAA Compliance SafeHarbour Certified PHYSICAL SECURITY The ProjectManager.com servers are located at Liquid Web s highly secured Michigan Data Centers with the following security protocols in place: 24/7/365 Manned Facilities CCTV Security Cameras Covering Inside, Outside and All Entrances Site Entrances Require Electronic Perimeter Access Card System Sites Remotely Monitored By 3rd Party Security Company Entrances Secured by Mantraps with Interlocking Doors SSAE-16 & HIPAA Compliant, Safe Harbor Certified COOLING SYSTEMS Multiple Liebert 20, 22, 30 and 45 Ton upflow and downflow AC Units Stand alone HVAC systems that don't allow for large scale failure Designed For Addition of Air-Side Economization NETWORK HARDWARE 5 ProjectManager.com Security White Paper

6 Redundant Fiber Entrance Expandable to 1,840 Gigabits Per Second Multiple Redundant Gigabit Ethernet Links to Data Center 1 and Data Center 2 Fully Redundant Cisco 6509 Sup720 and Nexus 7000 Distribution Switches Redundant Gigabit Ethernet Links to Each Rack Switch Cisco Port 10/100/1000 Rack Switches The ProjectManager.com security processes support full redundancy, vulnerability management and business continuity plans. SERVER POWER & BACKUP Expandable 13,500 kva Utility Power Feeds Multiple ASCO Closed Transition Bypass Isolation Transfer Switches Multiple N+1 Generac Diesel Generators Multiple N+1 Powerware kva UPS systems Liebert & Eaton Power Distribution Units Multiple Service Entrance Feeds Disaster Recovery & Continuity The ProjectManager.com dedicated servers at LiquidWeb s Michigan Data Center are located in one of three highly secure facilities and offer continuous backup and business continuity. In addition to 24/7/365 onsite security, the servers are monitored 24/7 to assess system health, optimal performance and early detection of problems and have a dedicated immediate response team. REDUNDANCY ProjectManager.com has processes that require full redundancy with our network infrastructure, from Tier 1 Premium Bandwidth, to uninterruptible power supplies with redundant battery cabinets, to state-of-the-art environmental conditions and onsite security, The LiquidWeb Michigan Data Centers support all of those redundancy requirements, feature several zones for added redundancy within the region, as well as geographic redundancy for disaster recovery. VULNERABILITY MANAGEMENT Using a combination of manual and automated processes and tools, ProjectManager.com continuously monitors for security threats and has protocols in place to investigate and remediate any vulnerabilities. 6 ProjectManager.com Security White Paper

7 BUSINESS CONTINUITY TESTING In addition to our disaster recovery plan, ProjectManager.com and its data centers operate with a business continuity plan. That plan calls for regularly testing to ensure network infrastructure and security processes are working according to plan. Our Business Continuity Plan is a comprehensive approach to restoring all systems as quickly as possible in the event of any service interruption. Firewalls ProjectManager.com has secured data in a number of ways, including the implementation and regular management of system firewalls. Engineers regularly apply tests to the firewall to ensure operability and compliance with the latest threats to cyber security. In addition, our servers are built with full redundancy in order to secure data in the event of any impacts. 7 ProjectManager.com Security White Paper

8 Organizational Security Processes ProjectManager.com has developed internal policies that are best-in-class for managing data and security risks. Our infrastructure and development team defined and implemented strategies for escalation, management, risk assessment, disaster recovery, business continuity and ongoing operational management. We continually strive to improve our processes over time with a continuous assessment and monitoring model and regular assessments of processes and protocols. NIST CYBER SECURITY FRAMEWORK ProjectManager.com follows the guidelines set out by the 2014 NIST Cyber Security Framework, a collaboration between the U.S. government and industry in response to Executive Order Improving Critical Infrastructure Cyber Security, issued in February. The framework is categorized by five key policies Identify, Protect, Detect, Respond and Recover in order to follow a comprehensive planning, monitoring and action response plan to bolster cloud security. For more information about how ProjectManager.com aligns to the NIST Cyber Security Framework, refer to the NIST Cloud Security Checklist document located here. Personnel ProjectManager.com has strict security policies for employee access to customer data. All data access events are monitored and logged, and we restrict access to customer data to those with appropriate internal clearance. Access to data centers requires authentication along with personal certificates and is tightly restricted. All employees are bound by our confidentiality agreement and our acceptable use agreement, as well. Privacy Internal processes are designed to safeguard customer privacy and confidentiality of sensitive information. The ProjectManager.com Privacy Policy discloses the type of information we can collect and how we may use this information. We do not collect personally identifiable information unless voluntarily submitted by visitor to our sites or service. Access to customer data is strictly limited to select personnel and only on an as-needed basis. 8 ProjectManager.com Security White Paper

9 Contact Us The ProjectManager.com Support Team is available Monday through Friday, 8 am 6 pm Central Time. Office Address 3420 Executive Center Drive Suite 160 Austin, TX T: support@projectmanager.com 9 ProjectManager.com Security White Paper

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99%

Collaborate on your projects in a secure environment. Physical security. World-class datacenters. Uptime over 99% Security overview Collaborate on your projects in a secure environment Thousands of businesses, including Fortune 500 corporations, trust Wrike for managing their projects through collaboration in the

More information

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM

Las Vegas Datacenter Overview. Product Overview and Data Sheet. Created on 6/18/2014 3:49:00 PM Las Vegas Datacenter Overview Product Overview and Data Sheet Product Data Sheet Maintaining a Software as a Service (SaaS) environment with market leading availability and security is something that Active

More information

Secure, Scalable and Reliable Cloud Analytics from FusionOps

Secure, Scalable and Reliable Cloud Analytics from FusionOps White Paper Secure, Scalable and Reliable Cloud Analytics from FusionOps A FusionOps White Paper FusionOps 265 Santa Ana Court Sunnyvale, CA 94085 www.fusionops.com World-class security... 4 Physical Security...

More information

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD

PROTECTING YOUR VOICE SYSTEM IN THE CLOUD PROTECTING YOUR VOICE SYSTEM IN THE CLOUD Every enterprise deserves to know what its vendors are doing to protect the data and systems entrusted to them. Leading IVR vendors in the cloud, like Angel, consider

More information

SysAid IT On-Demand Architecture Including Security and Disaster Recovery Plan

SysAid IT On-Demand Architecture Including Security and Disaster Recovery Plan SysAid IT On-Demand Architecture Including Security and Disaster Recovery Plan This document covers three aspects of SysAid IT On-Demand: Architecture Security Business Continuity and Disaster Recovery

More information

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1

UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 UNIFIED MEETING 5 SECURITY WHITEPAPER INFO@INTERCALL.COM INTERCALL.COM 800.820.5855 1 As organizations unlock the true potential of meeting over the web as an alternative to costly and timeconsuming travel,

More information

FormFire Application and IT Security. White Paper

FormFire Application and IT Security. White Paper FormFire Application and IT Security White Paper Contents Overview... 3 FormFire Corporate Security Policy... 3 Organizational Security... 3 Infrastructure and Security Team... 4 Application Development

More information

Security from a customer s perspective. Halogen s approach to security

Security from a customer s perspective. Halogen s approach to security September 18, 2015 Security from a customer s perspective Using a cloud-based talent management program can deliver tremendous benefits to your organization, including aligning your workforce, improving

More information

Tableau Online Security in the Cloud

Tableau Online Security in the Cloud Tableau Online Security in the Cloud Author: Ellie Fields Senior Director, Product Marketing, Tableau Software June 2013 p2 Tableau Software understands that data is among the most strategic and important

More information

KeyLock Solutions Security and Privacy Protection Practices

KeyLock Solutions Security and Privacy Protection Practices KeyLock Solutions Overview KeyLock Solutions hosts its infrastructure at Heroku. Heroku is a cloud application platform used by organizations of all sizes to deploy and operate applications throughout

More information

Clarizen Security White Paper

Clarizen Security White Paper WHITE PAPER Clarizen Security White Paper Standards and Practices UNITED STATES 1.866.502.9813 UNITED KINGDOM +44.0.20.3411.2345 ISRAEL +972.9.794.4300 FRANCE +33.18.28839.66 www.clarizen.com Table of

More information

Security Whitepaper: ivvy Products

Security Whitepaper: ivvy Products Security Whitepaper: ivvy Products Security Whitepaper ivvy Products Table of Contents Introduction Overview Security Policies Internal Protocol and Employee Education Physical and Environmental Security

More information

Supplier Information Security Addendum for GE Restricted Data

Supplier Information Security Addendum for GE Restricted Data Supplier Information Security Addendum for GE Restricted Data This Supplier Information Security Addendum lists the security controls that GE Suppliers are required to adopt when accessing, processing,

More information

BMC s Security Strategy for ITSM in the SaaS Environment

BMC s Security Strategy for ITSM in the SaaS Environment BMC s Security Strategy for ITSM in the SaaS Environment TABLE OF CONTENTS Introduction... 3 Data Security... 4 Secure Backup... 6 Administrative Access... 6 Patching Processes... 6 Security Certifications...

More information

State of Texas. TEX-AN Next Generation. NNI Plan

State of Texas. TEX-AN Next Generation. NNI Plan State of Texas TEX-AN Next Generation NNI Plan Table of Contents 1. INTRODUCTION... 1 1.1. Purpose... 1 2. NNI APPROACH... 2 2.1. Proposed Interconnection Capacity... 2 2.2. Collocation Equipment Requirements...

More information

Remote Disaster Recovery Services Suite (nvision Edition)

Remote Disaster Recovery Services Suite (nvision Edition) Remote Disaster Recovery Services Suite (nvision Edition) Services Suite includes Remote Backup Service Comprehensive suite of services designed to get you back up and running quickly and successfully

More information

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1

Security Policy JUNE 1, 2012. SalesNOW. Security Policy v.1.4 2012-06-01. v.1.4 2012-06-01 1 JUNE 1, 2012 SalesNOW Security Policy v.1.4 2012-06-01 v.1.4 2012-06-01 1 Overview Interchange Solutions Inc. (Interchange) is the proud maker of SalesNOW. Interchange understands that your trust in us

More information

Level I - Public. Technical Portfolio. Revised: July 2015

Level I - Public. Technical Portfolio. Revised: July 2015 Level I - Public Technical Portfolio Revised: July 2015 Table of Contents 1. INTRODUCTION 3 1.1 About Imaginatik 3 1.2 Taking Information Security Seriously 3 2. DATA CENTER SECURITY 3 2.1 Data Center

More information

Security Information & Policies

Security Information & Policies Security Information & Policies 01 Table of Contents OVERVIEW CHAPTER 1 : CHAPTER 2: CHAPTER 3: CHAPTER 4: CHAPTER 5: CHAPTER 6: CHAPTER 7: CHAPTER 8: CHAPTER 9: CHAPTER 10: CHAPTER 11: CHAPTER 12: CHAPTER

More information

Security & Infrastructure White Paper

Security & Infrastructure White Paper Proofing and approval made easy. Security & Infrastructure White Paper ProofHQ (Approvr Limited) 66 The High Street Northwood Middlesex HA6 1BL United Kingdom Email: contact.us@proofhq.com US: +1 214 519

More information

Powering the Cloud Desktop: OS33 Data Centers

Powering the Cloud Desktop: OS33 Data Centers OS33 Data Centers info@os33.com (866) 796-0310 www.os33.com It is hard to overstate the importance of security and uptime, which is why we obsess over making sure that your corporate information assets

More information

FileCloud Security FAQ

FileCloud Security FAQ is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file

More information

Security Whitepaper. NetTec NSI Philosophy. Best Practices

Security Whitepaper. NetTec NSI Philosophy. Best Practices Security Whitepaper NetTec NSI provides a leading SaaS-based managed services platform that to efficiently backup, monitor, and troubleshoot desktops, servers and other endpoints for businesses. Our comprehensive

More information

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0 Unless otherwise stated, these Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies

More information

Mobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED. Copyright 2014 Intuition

Mobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED. Copyright 2014 Intuition Mobile Mobile Security COPYRIGHT 2014 INTUITION ALL RIGHTS RESERVED 1 Background Traditionally, security has not been a high priority for e-learning; as such content was hosted and only accessible at the

More information

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room

MAXIMUM DATA SECURITY with ideals TM Virtual Data Room MAXIMUM DATA SECURITY with ideals TM Virtual Data Room WWW.IDEALSCORP.COM ISO 27001 Certified Account Settings and Controls Administrators control users settings and can easily configure privileges for

More information

SaaS Security for Confirmit Horizons

SaaS Security for Confirmit Horizons SaaS Security for Confirmit Horizons January 2015 Confirmit Horizons v18.5 Arnt Feruglio Chief Operating Officer The Confirmit Horizons Software From its inception in 1997, the architecture and code of

More information

800 319 5581 800 319 5582 Fax www.protectmyministry.com www.mobilizemyministry.com

800 319 5581 800 319 5582 Fax www.protectmyministry.com www.mobilizemyministry.com 800 319 5581 800 319 5582 Fax www.protectmyministry.com www.mobilizemyministry.com Protect My Ministry websites including www.ministryopportunities.org have the following SSL Certificates and protection:

More information

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data

Kenna Platform Security. A technical overview of the comprehensive security measures Kenna uses to protect your data Kenna Platform Security A technical overview of the comprehensive security measures Kenna uses to protect your data V2.0, JULY 2015 Multiple Layers of Protection Overview Password Salted-Hash Thank you

More information

Securing the Service Desk in the Cloud

Securing the Service Desk in the Cloud TECHNICAL WHITE PAPER Securing the Service Desk in the Cloud BMC s Security Strategy for ITSM in the SaaS Environment Introduction Faced with a growing number of regulatory, corporate, and industry requirements,

More information

Cloud Management. Overview. Cloud Managed Networks

Cloud Management. Overview. Cloud Managed Networks Datasheet Cloud Management Cloud Management Overview Meraki s cloud based management provides centralized visibility & control over Meraki s wired & wireless networking hardware, without the cost and complexity

More information

Secure Data Hosting. Your data is our top priority.

Secure Data Hosting. Your data is our top priority. Secure Data Hosting Your data is our top priority. ESO s world-class security infrastructure is designed to provide data redundancy, security and availability while keeping sensitive HIPAA and PHI information

More information

SaaS Security for the Confirmit CustomerSat Software

SaaS Security for the Confirmit CustomerSat Software SaaS Security for the Confirmit CustomerSat Software July 2015 Arnt Feruglio Chief Operating Officer The Confirmit CustomerSat Software Designed for The Web. From its inception in 1997, the architecture

More information

BroadData Unified Meeting Security Whitepaper v4.2

BroadData Unified Meeting Security Whitepaper v4.2 BroadData Unified Meeting Security Whitepaper v4.2 Introduction As organizations unlock the true potential of meeting over the Web as an alternative to costly and time-consuming travel, they do so in the

More information

Birst Security and Reliability

Birst Security and Reliability Birst Security and Reliability Birst is Dedicated to Safeguarding Your Information 2 Birst is Dedicated to Safeguarding Your Information To protect the privacy of its customers and the safety of their

More information

CONTENTS. Security Policy

CONTENTS. Security Policy CONTENTS PHYSICAL SECURITY (UK) PHYSICAL SECURITY (CHICAGO) PHYSICAL SECURITY (PHOENIX) PHYSICAL SECURITY (SINGAPORE) SYSTEM SECURITY INFRASTRUCTURE Vendor software updates Security first policy CUSTOMER

More information

HIPAA Privacy & Security White Paper

HIPAA Privacy & Security White Paper HIPAA Privacy & Security White Paper Sabrina Patel, JD +1.718.683.6577 sabrina@captureproof.com Compliance TABLE OF CONTENTS Overview 2 Security Frameworks & Standards 3 Key Security & Privacy Elements

More information

CLOUD FRAMEWORK & SECURITY OVERVIEW

CLOUD FRAMEWORK & SECURITY OVERVIEW CLOUD FRAMEWORK & OVERVIEW From small businesses to the largest Fortune 500 Enterprises, customers trust the irise cloud infrastructure when collaborating to define and design their applications. This

More information

Five keys to a more secure data environment

Five keys to a more secure data environment Five keys to a more secure data environment A holistic approach to data infrastructure security Compliance professionals know better than anyone how compromised data can lead to financial and reputational

More information

custom hosting for how you do business

custom hosting for how you do business custom hosting for how you do business 24775 League Island Boulevard Philadelphia PA 19112 gibraltarit.com 866.410.4427 Gibraltar s replicated cloud architecture and PCI/HIPAA compliant data centers provide

More information

GTS Software Pty Ltd. Remote Desktop Services

GTS Software Pty Ltd. Remote Desktop Services GTS Software Pty Ltd Remote Desktop Services Secure web access to GTS Software applications CONTENTS Overview... 2 What GTS can provide with Remote Desktop Services... 2 Main Features... 3 RD Web Access...

More information

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value

IBM Cognos TM1 on Cloud Solution scalability with rapid time to value IBM Solution scalability with rapid time to value Cloud-based deployment for full performance management functionality Highlights Reduced IT overhead and increased utilization rates with less hardware.

More information

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security Technical Paper Plain talk about security When it comes to Cloud deployment, security is top of mind for all concerned. The Infor CloudSuite team uses best-practice protocols and a thorough, continuous

More information

BOWMAN SYSTEMS SECURING CLIENT DATA

BOWMAN SYSTEMS SECURING CLIENT DATA BOWMAN SYSTEMS SECURING CLIENT DATA 2012 Bowman Systems L.L.C. All Rights Reserved. This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered

More information

Autodesk PLM 360 Security Whitepaper

Autodesk PLM 360 Security Whitepaper Autodesk PLM 360 Autodesk PLM 360 Security Whitepaper May 1, 2015 trust.autodesk.com Contents Introduction... 1 Document Purpose... 1 Cloud Operations... 1 High Availability... 1 Physical Infrastructure

More information

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST

APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST APPENDIX G ASP/SaaS SECURITY ASSESSMENT CHECKLIST Application Name: Vendor Name: Briefly describe the purpose of the application. Include an overview of the application architecture, and identify the data

More information

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1

TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES. Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 TONAQUINT DATA CENTER, INC. CLOUD SECURITY POLICY & PROCEDURES Tonaquint Data Center, Inc Cloud Security Policy & Procedures 1 Table of Contents 1. Operational Security 2. Physical Security 3. Network

More information

Xerox Litigation Services. In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk

Xerox Litigation Services. In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk Xerox Litigation Services In the Cybersecurity Hot Seat: How Law Firms are Optimizing Security While Reducing Cost and Risk Your Highest Priority is also Your Greatest Challenge Data breaches are not just

More information

ClickTale Security Standards and Practices: Delivering Peace of Mind in Digital Optimization

ClickTale Security Standards and Practices: Delivering Peace of Mind in Digital Optimization Delivering Peace of Mind in Digital Optimization TABLE OF CONTENTS INTRODUCTION 2 PRIVACY AND ANONYMITY 3 ISO 27001 COMPLIANCE 5 APPLICATION-LEVEL SECURITY 6 PENETRATION TESTING AND SECURITY AUDITS 7 GENERAL

More information

Famly ApS: Overview of Security Processes

Famly ApS: Overview of Security Processes Famly ApS: Overview of Security Processes October 2015 Please consult http://famly.co for the latest version of this paper Page 1 of 10 Table of Contents 1. INTRODUCTION TO SECURITY AT FAMLY... 3 2. PHYSICAL

More information

YubiCloud OTP Validation Service. Version 1.2

YubiCloud OTP Validation Service. Version 1.2 YubiCloud OTP Validation Service Version 1.2 5/12/2015 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection. The company s flagship product, the YubiKey, uniquely

More information

data center - why choose a data center facility

data center - why choose a data center facility data center - why choose a data center facility Do you have the highest levels of security, redundancy, reliability, infrastructure and technical expertise necessary to operate your Internet operations?

More information

Keyfort Cloud Services (KCS)

Keyfort Cloud Services (KCS) Keyfort Cloud Services (KCS) Data Location, Security & Privacy 1. Executive Summary The purposes of this document is to provide a common understanding of the data location, security, privacy, resiliency

More information

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL

BOLDCHAT ARCHITECTURE & APPLICATION CONTROL ARCHITECTURE & APPLICATION CONTROL A technical overview of BoldChat s security. INTRODUCTION LogMeIn offers consistently reliable service to its BoldChat customers and is vigilant in efforts to provide

More information

penelope athena software SOFTWARE AS A SERVICE INFORMATION PACKAGE case management software

penelope athena software SOFTWARE AS A SERVICE INFORMATION PACKAGE case management software penelope case management software SOFTWARE AS A SERVICE INFORMATION PACKAGE athena software "I've worked with major corporations and universities and I am really impressed with Athena's hosted server and

More information

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public]

IBX Business Network Platform Information Security Controls. 2015-02- 20 Document Classification [Public] IBX Business Network Platform Information Security Controls 2015-02- 20 Document Classification [Public] Table of Contents 1. General 2 2. Physical Security 2 3. Network Access Control 2 4. Operating System

More information

GTS Software Remote Desktop Services

GTS Software Remote Desktop Services GTS Software Remote Desktop Services RemoteApp client requirements and hosting environment details CONTENTS Introduction... 2 Client requirements... 2 RD Web Access... 2 Distributed RDP or MSI packages...

More information

The increasing popularity of mobile devices is rapidly changing how and where we

The increasing popularity of mobile devices is rapidly changing how and where we Mobile Security BACKGROUND The increasing popularity of mobile devices is rapidly changing how and where we consume business related content. Mobile workforce expectations are forcing organizations to

More information

INDEPENDENT PRACTITIONER S TRUST SERVICES REPORT LIQUID WEB, INC.

INDEPENDENT PRACTITIONER S TRUST SERVICES REPORT LIQUID WEB, INC. INDEPENDENT PRACTITIONER S TRUST SERVICES REPORT LIQUID WEB, INC. Web Hosting Services Trust Services Report on Management s Assertion (SOC 3) As Of June 30, 2014 LIQUID WEB, INC. Trust Services Report

More information

Time to Value: Successful Cloud Software Implementation

Time to Value: Successful Cloud Software Implementation Time to Value: Successful Cloud Software Implementation Cloud & Data Security 2015 Client Conference About the Presenter Scott Schimberg, CPA, CMA Partner, Consulting, Armanino Scott became a Certified

More information

Itron Cloud Services Offering

Itron Cloud Services Offering Itron Cloud Services Offering WHITE PAPER TABLE OF CONTENTS Introduction... 3 Types of Services... 3 Software as a Service (SaaS)...3 Managed Services...3 On-site Managed Services...3 Benefits... 3 Infrastructure...

More information

SECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our

SECURITY OVERVIEW FOR MY.ENDNOTE.COM. In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our ENDNOTE ONLINE SECURITY OVERVIEW FOR MY.ENDNOTE.COM In line with commercial industry standards, Thomson Reuters employs a dedicated security team to protect our servers from attacks and other attempts

More information

Perceptive Software Platform Services

Perceptive Software Platform Services Perceptive Software Platform Services CLOUD SOLUTIONS process and content management Perceptive Software Platform Services Perceptive Software process and content management systems have been deployed

More information

Document ID. Cyber security for substation automation products and systems

Document ID. Cyber security for substation automation products and systems Document ID Cyber security for substation automation products and systems 2 Cyber security for substation automation systems by ABB ABB addresses all aspects of cyber security The electric power grid has

More information

Table of Contents. Page 1 of 6 (Last updated 30 July 2015)

Table of Contents. Page 1 of 6 (Last updated 30 July 2015) Table of Contents What is Connect?... 2 Physical Access Controls... 2 User Access Controls... 3 Systems Architecture... 4 Application Development... 5 Business Continuity Management... 5 Other Operational

More information

Security Features: Lettings & Property Management Software

Security Features: Lettings & Property Management Software Security Features: Lettings & Property Management Software V 2.0 (23/02/2015) Table of Contents Introduction to Web Application Security... 2 Potential Security Vulnerabilities for Web Applications...

More information

Privacy + Security + Integrity

Privacy + Security + Integrity Privacy + Security + Integrity Docufree Corporation Data Security Checklist Security by Design Docufree is very proud of our security record and our staff works diligently to maintain the greatest levels

More information

SECURITY DOCUMENT. BetterTranslationTechnology

SECURITY DOCUMENT. BetterTranslationTechnology SECURITY DOCUMENT BetterTranslationTechnology XTM Security Document Documentation for XTM Version 6.2 Published by XTM International Ltd. Copyright XTM International Ltd. All rights reserved. No part of

More information

HealthcareBookings.com Security Set Up

HealthcareBookings.com Security Set Up HealthcareBookings.com Security Set Up Introduction... 2 Overview of the process for using HealthcareBookings.com... 2 Professionals... 2 Patients... 3 Passwords... 4 Hosting Security... 4 Overview of

More information

Cloud Management. Overview. Cloud Managed Networks

Cloud Management. Overview. Cloud Managed Networks Datasheet Cloud Management Cloud Management Overview Meraki s cloud based management provides centralized visibility & control over Meraki s wired & wireless networking hardware, without the cost and complexity

More information

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT

HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT HIPAA CRITICAL AREAS TECHNICAL SECURITY FOCUS FOR CLOUD DEPLOYMENT A Review List This paper was put together with Security in mind, ISO, and HIPAA, for guidance as you move into a cloud deployment Dr.

More information

SNAP WEBHOST SECURITY POLICY

SNAP WEBHOST SECURITY POLICY SNAP WEBHOST SECURITY POLICY Should you require any technical support for the Snap survey software or any assistance with software licenses, training and Snap research services please contact us at one

More information

Addressing Cloud Computing Security Considerations

Addressing Cloud Computing Security Considerations Addressing Cloud Computing Security Considerations with Microsoft Office 365 Protect more Contents 2 Introduction 3 Key Security Considerations 4 Office 365 Service Stack 5 ISO Certifications for the Microsoft

More information

WALKME WHITEPAPER. WalkMe Architecture

WALKME WHITEPAPER. WalkMe Architecture WALKME WHITEPAPER WalkMe Architecture Introduction WalkMe - the Enterprise Class Guidance and Engagement Platform - drives users to action as they use software or websites. WalkMe is used by Enterprises

More information

Enterprise Architecture Review Checklist

Enterprise Architecture Review Checklist Enterprise Architecture Review Checklist Software as a Service (SaaS) Solutions Overview This document serves as Informatica s Enterprise Architecture (EA) Review checklist for Cloud vendors that wish

More information

Copyright Telerad Tech 2009. RADSpa. HIPAA Compliance

Copyright Telerad Tech 2009. RADSpa. HIPAA Compliance RADSpa HIPAA Compliance 1. Introduction 3 1.1. Scope and Field of Application 3 1.2. HIPAA 3 2. Security Architecture 4 2.1 Authentication 4 2.2 Authorization 4 2.3 Confidentiality 4 2.3.1 Secure Communication

More information

Enterprise level security, the Huddle way.

Enterprise level security, the Huddle way. Enterprise level security, the Huddle way. Security whitepaper TABLE OF CONTENTS 5 Huddle s promise Hosting environment Network infrastructure Multiple levels of security Physical security System & network

More information

HIPAA Compliance for the Wireless LAN

HIPAA Compliance for the Wireless LAN White Paper HIPAA Compliance for the Wireless LAN JUNE 2015 This publication describes the implications of HIPAA (the Health Insurance Portability and Accountability Act of 1996) on a wireless LAN solution,

More information

Blue Jeans Network Security Features

Blue Jeans Network Security Features Technical Guide Blue Jeans Network Security Features Blue Jeans Network understands an organization s need for secure communications. The Blue Jeans cloud-based video conferencing platform provides users

More information

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales

SMS. Cloud Computing. Systems Management Specialists. Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales SMS Systems Management Specialists Cloud Computing Grupo SMS www.grupo-sms.com 949.223.9240 option 3 for sales Cloud Computing The SMS Model: Cloud computing is a model for enabling ubiquitous, convenient,

More information

CITY UNIVERSITY OF HONG KONG Physical Access Security Standard

CITY UNIVERSITY OF HONG KONG Physical Access Security Standard CITY UNIVERSITY OF HONG KONG (Approved by the Information Strategy and Governance Committee in December 2013) PUBLIC Date of Issue: 2013-12-24 Document Control Document Owner Classification Publication

More information

managed servers - why choose a managed service provider?

managed servers - why choose a managed service provider? managed servers - why choose a managed service provider? Do you have the highest levels of security, redundancy, reliability, infrastructure and technical expertise necessary to operate your Internet operations?

More information

colocation vs. managed servers - the difference

colocation vs. managed servers - the difference colocation vs. managed servers - the difference Do you have the highest levels of security, redundancy, reliability, infrastructure and technical expertise necessary to operate your Internet operations?

More information

Understanding Sage CRM Cloud

Understanding Sage CRM Cloud Understanding Sage CRM Cloud Data centre and platform security whitepaper Document version 2016 Table of Contents 1.0 Introduction 3 2.0 Sage CRM Cloud Data centre Infrastructure 4 2.1 Site location 4

More information

System Security. Your data security is always our top priority

System Security. Your data security is always our top priority Your data security is always our top priority Data security is an important factor for every client, our continued investment in the latest technology methods and world class data centres show our commitment

More information

This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered business sensitive.

This document and the information contained herein are the property of Bowman Systems L.L.C. and should be considered business sensitive. SERVICEPOINT SECURING CLIENT DATA This document and the information contained herein are the property of and should be considered business sensitive. Copyright 2006 333 Texas Street Suite 300 Shreveport,

More information

YubiCloud Validation Service. Version 1.1

YubiCloud Validation Service. Version 1.1 YubiCloud Service Version 1.1 5/29/2012 Introduction Disclaimer Yubico is the leading provider of simple, open online identity protection. The company s flagship product, the YubiKey, uniquely combines

More information

Web Conferencing: Unleash the Power of Secure, Real-Time Collaboration

Web Conferencing: Unleash the Power of Secure, Real-Time Collaboration White Paper Web Conferencing: Unleash the Power of Secure, Real-Time Collaboration This paper focuses on security information for Cisco WebEx Meeting Center, Cisco WebEx Training Center, Cisco WebEx Support

More information

Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF

Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Splunk Enterprise Log Management Role Supporting the ISO 27002 Framework EXECUTIVE BRIEF Businesses around the world have adopted the information security standard ISO 27002 as part of their overall risk

More information

SITECATALYST SECURITY

SITECATALYST SECURITY SITECATALYST SECURITY Ensuring the Security of Client Data June 6, 2008 Version 2.0 CHAPTER 1 1 Omniture Security The availability, integrity and confidentiality of client data is of paramount importance

More information

Security Controls for the Autodesk 360 Managed Services

Security Controls for the Autodesk 360 Managed Services Autodesk Trust Center Security Controls for the Autodesk 360 Managed Services Autodesk strives to apply the operational best practices of leading cloud-computing providers around the world. Sound practices

More information

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE

SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE SWAP EXECUTION FACILITY OPERATIONAL CAPABILITY TECHNOLOGY QUESTIONNAIRE Please provide all relevant documents responsive to the information requests listed within each area below. In addition to the specific

More information

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery

WHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery WHITE PAPER HIPPA Compliance and Secure Online Data Backup and Disaster Recovery January 2006 HIPAA Compliance and the IT Portfolio Online Backup Service Introduction October 2004 In 1996, Congress passed

More information

White Paper. Prepared by: Neil Shah Director, Product Management March, 2014 Version: 1. Copyright 2014, ezdi, LLC.

White Paper. Prepared by: Neil Shah Director, Product Management March, 2014 Version: 1. Copyright 2014, ezdi, LLC. White Paper ezcac: HIPAA Compliant Cloud Solution Prepared by: Neil Shah Director, Product Management March, 2014 Version: 1 Copyright 2014, ezdi, LLC. TECHNICAL SAFEGUARDS Access Control 164.312 (a) (1)

More information

Small Business IT Risk Assessment

Small Business IT Risk Assessment Small Business IT Risk Assessment Company name: Completed by: Date: Where Do I Begin? A risk assessment is an important step in protecting your customers, employees, and your business, and well as complying

More information

Security and Data Center Overview

Security and Data Center Overview Security and Data Center Overview September, 2012 For more information, please contact: Matt McKinney mattm@canadianwebhosting.com 888-821-7888 x 7201 Canadian Web Hosting (www.canadianwebhosting.com)

More information

MIGRATIONWIZ SECURITY OVERVIEW

MIGRATIONWIZ SECURITY OVERVIEW MIGRATIONWIZ SECURITY OVERVIEW Table of Contents Introduction... 2 Shared Security Approach... 2 Customer Best Practices... 2 Application Security... 4 Database Level Security... 4 Network Security...

More information

NetSuite Data Center Fact Sheet

NetSuite Data Center Fact Sheet NetSuite Data Center Fact Sheet Enterprise-Class Data Management, Security, Performance and Availability NetSuite is the world s largest cloud ERP vendor, supporting over 20,000 organizations, processing

More information

Cherwell Software Hosted Environment. www.creekpointe.com info@creekpointe.com 864.297.4959 +1 800.613.1426

Cherwell Software Hosted Environment. www.creekpointe.com info@creekpointe.com 864.297.4959 +1 800.613.1426 Cherwell Software Hosted Environment Cherwell Software, LLC ( Cherwell ) provides an efficient, expedient, and secure hosted environment so that customers are guaranteed exceptional performance and reliability.

More information