Codesion Security

Codesion Security is a powerful, seamlessly integrated portfolio of services, managed devices, hosted datacenters, and best practices, designed to deliver the highest level of security to customers.
 



Security Standards compliant

  • Level 1 PCI Security Standards Council compliant

  • PCI level 1 is the most secure rating on a scale of 1 - 5

  • Best practice for data security

  • Quarterly scan of all our systems by McAfee to ensure ongoing compliance

Physical Security

  • Intel Xeon Server Grade hardware in SAS-70 certified Datacenter

  • Secured site perimeters, Proximity Badge Access, Digital Video Surveillance

  • Hardware RAID controllers on all servers

  • 100% Redundant Cisco Network, Gigabit Backbone

  • Cisco Guard Denial of Service (DoS) Protection

  • Network Intrusion Detection System and Arbor Peakflow Traffic Analysis

Data Security

  • Encrypted server access and data transmission (128-bit SSL certificate)

  • Customer data protected by Confidentiality Agreement

  • Backups taken at 10-minute intervals at a geographically separate datacenter

  • 128-bit encrypted data transmission (SSL)

  • All software maintained with latest security patches

Security Management

  • Review our Code of Conduct

  • Security Policies are reviewed every six months

  • Authentication via multi-master authentication system (LDAP)

  • Only authorized, security-trained employees can access servers

  • PCI-Compliant credit card transactions

  • Direct C-level executive responsibility for overall Codesion Security

Network Security

  • Exclusive: the new Codesion FrogSAFE Platform Technology

  • Encrypted data transfer via HTTPS (128-bit SSL Verisign certificate)

  • All sysadmin access is recorded and stored in offsite logs

  • Authentication via encrypted multi-master authentication system (LDAP)

  • IP Lockdown: Limit users to a specific range of IP addresses

  • Dedicated hardware firewalls on all publicly-facing servers

  • Inter-server communication on private subnet, not routable on the Internet

  • Best practices used in random generation of initial passwords

Redundancy

  • All servers include redundant RAID+1 storage devices

  • Node clusters are distributed across multiple datacenters, currently located in Dallas TX, Seattle WA and Washington DC

  • Project data is backed up to hot (onsite) and cold (offsite) servers, with files transferred within a secure private sub-net

  • Database servers are completely multi-site redundant, including our LDAP, MySQL and DNS systems

Security controls

  • Disable user feature: immediately lock down at-risk employees

  • Set a maximum password age, forcing users to regularly update their passwords

  • Enforce a minimum of "strong" passwords; passwords rated "medium" or lower can be banned

  • Immediately force a global reset of all passwords in your organization. Everyone gets locked out until they change their passwords.