Secure Infrastructure for Today's Connected World
Firewalls: all systems are protected by firewalls, which block all traffic except that which is necessary for site operations;
Code review: all code is subject to a code review process, with a strong focus on security;
Permission management: all permissions and operations are managed under the principle of least privilege.
Access Control: Access to backups is strictly limited to employees that require access.
Data Retention / Audit Trail
Longevity: This information is kept for a minimum of 5 years.
Policies and Procedures
Seperation of Duties: We employ a strict separation of duties policy; management tools and interfaces are assigned on a as-needed basis and follow the principle of least privilege;
Need to Know Basis: Access to customer security keys by employees is strictly restricted on a need-to-know basis. Our resellers and installers do not have access to customer security keys; these are pre-assigned at the factory and never given out;
Consequences: any unauthorized access to customer data will result in immediate employee termination.