compliances , policies , security

Simple – Data Security Overview Considerations

May 16, 2013

Corporate Security

Information security is a major concern with any application exposed to the Internet. Certain Software has implemented multiple levels of security to ensure maximum security of corporate, SOX, PCI cardholder data, HIPAA or PII data.

Included in the extensive security features of our systems are:

  • Checkpoint, Cisco, Juniper Netscreen Firewalls blocking all un-trusted access to SIM events, installations as well as limiting access to web servers.
  • The use of Microsoft 2003/8 Server with IIS 6 / 7 implements the latest security features offered by Microsoft.
  • The use of Unix systems with Apache, Tomcat and other web server services latest security features offered by the OS and Web Service vendors.
  • Regular scheduled reviews of security and patch updates for the application environment.
  • Strong physical security if servers preventing unauthorized access.
  • Norton Antivirus software is updated daily with the most current virus definitions and constantly scans the server farm, acting as a second layer of protection, logging and quarantining any potentially threatening software.
  • Symantec, McAfee Hacker Safe Certifications.
  • Secure password policy and auditing.

Data Integrity

In addition to protecting corporate data and cardholder information from security risks, Certain Software actively attempts to protect data from system failure.

  • Any server storing application data is equipped with a RAID disk array capable of handling disk failures instantaneously, without data loss or downtime.
  • All data is backed up nightly to tape and disk, allowing rapid data recovery in the unlikely case of data corruption or loss.
  • Disk backups are held on-site for at least 7 days before being overwritten and offline backups for 30 days.
  • Tape backups are rotated to a geographically disparate and secure off-site storage location for long=term storage (7 days for daily backups, 6 months for monthly backups, yearly backup’s are taken biannually and kept for 12 months).

www.bestitdocuments.com