Quick Summary

Physical and Operational Security

  • Infrastructure is physically secure in a SSAE 16 data center
  • 24/7 secured site perimeters, digital video surveillance
  • Biometric security systems
  • 4X geographical distribution for disaster recovery and business continuity
  • Security logging and offsite recording of system administrator access activity
  • 6-month regular security policy review cycles

Network Security

  • Dedicated firewalls on all publicly facing servers
  • Encrypted data transfer via HTTPS (256-bit SSL VeriSign® certificate)
  • Secure, private sub-net provides a secure connection to transfer data between data centers
  • Network IDS/IPS Protection

Application Security

  • PCI DSS Level 1 compliance (Level 1 being the most secure)
  • Vulnerability scans of all systems ensured for compliance by McAfee
  • All system access via Secure Socket Layer (SSL)
  • Authentication via multi-master authentication system (LDAP)
  • Role Based Access Control (RBAC)
  • Password Policy Control; Set Password expiry time, enforce strong user passwords
  • Disable user feature- immediately lock down at risk employees
  • IP Restriction: Limit users to specific range of IP addresses

Data Security

  • All customer data stored securely and kept confidential per the Terms of Service
  • All servers include redundant RAID+1 storage devices
  • Database servers are multi-site redundant including our LDAP, MySQL and DNS systems
  • Project data is backed up within the datacenter (hot) and across all datacenters (cold)
Sky High Enterprise Ready

Got further security questions?