×

Making privacy and protection a priority

Data Center Security Overview

Our IT infrastructure is hosted on one of the most secure cloud computing data centers that is available today. Their extensive control environment ensures that data remains protected through the following:

Physical/Environmental Protection

General

  • Access to facility controlled by security personnel through electronic monitoring
  • Two-factor authentication at least twice to access data floors
  • Physical access by employees is frequently logged and audited

Power

  • Uninterruptable Power Supply (UPS) provides backup in event of failures
  • Electrical systems made to be entirely redundant and maintainable

Climate and Temperature

  • Climate control ensures consistent server temperature and prevents overheating
  • Maintains optimal atmosphere conditions, systems in place to monitor

Fire Detection and Suppression

  • Automatic detection and suppression equipment
  • Wet-pipe, double-interlocked pre-action, or gaseous sprinkler system protection

Maintenance

  • Ensures continued operation of facilities
  • Issues can be instantly identified and remedied

End of Life Data Elimination

  • Once a device has expired, data is decommissioned and destroyed in accordance with DoD 5220.22-M (“National Industrial Security Program Operating Manual”)

Automated Data Backups

  • Point-in-time recovery
  • Mirrors data onto disks of another node, less data loss risk
  • Continuous moderation of system health and instant replacement of any failed drives

Secure Networks and Transmissions

  • Firewall and other devices prevent threats at external and internal network boundaries
  • Access Control Lists (ACL) use rules to enforce direction of information
  • Limited access points with HTTPS provides secure sessions
  • Connection using Secure Sockets Layer (SSL), protecting against forgery

Data Center Failure Contingency

  • Data automatically moved away from failed area to a different site
  • UPS, generators and multiple grids reduce failures at single points
  • Ability to spread data across multiple regions to reduce risk

General Practices

  • All deployments undergo several stages of penetration tests through to launch
  • Any changes to infrastructure must get documented, tested and approved