Secure, Confidential Services
SecretariatOne incorporates multiple levels of physical and data security that protect your information from unauthorized access. We utilize industry best practice at all levels to provide a complete and comprehensive service.
The diagram below illustrates how our servers reside behind an industry standard firewall and are accessed from a fast dedicated internet connection. In addition, each user operates their own database in order to eliminate any breach of confidentiality.
Our production environment is located in a secure facility that provides 24-hour security, redundant electrical backup, climate controllers and other backup equipment to keep the servers continually up and running.
The network perimeter is protected by state-of-the-art firewall technology by Checkpoint and continuously monitored by intrusion detection systems. In addition, CGS monitors and analyses firewall logs to proactively identify security threats.
CGS leverages the strongest encryption products to protect customer data and communications utilising 128-bit SSL certification. The lock icon in the browser indicates that the data is fully shielded from access while in transit from server to client.
Users access SecretariatOne only with a valid username and password combination, which is encrypted with the Blowfish algorithm within their assigned database.
Security of Application
Our robust security model prevents one SecretariatOne user from accessing another user's database. This security is applied to every session and remains on each active session.
Internal Systems and Operating Systems Security
Within the security of the firewall, systems are protected by Network Address translation, redirection of ports, and a non-routable addressing scheme. SecretariatOne enforces security so that only a minimal number of points are available internally in the production environment. All operating systems are protected with strong passwords. All operating systems are patched up to date with the vendor's releases of security updates. Regarding hardening of servers, all unnecessary services, protocols and ports are disabled for maximum security.
Reliability and Backup
All web servers and database servers are configured in a redundant configuration. All customer data is stored on disk storage configured with RAID 5 with hot swappable drives. So in the event of disk failure, the system is still useable. All customer data is automatically backed up to the last committed transaction on a nightly basis. The tapes are then moved to secure, fire resistant storage on a regular basis. Disaster Recovery plans are in place in the event of total server failure, where backup servers will go into operation.
Our dedicated expert team of professionals and security specialists will ensure that round the clock protection is provided. Our professionals will carry out ongoing evaluations of security development and threats. We are committed to providing a secure, scalable, private system where CGS manages all aspects unlike hosted systems management.