Screendragon Logo
 
  HomeAbout UsSolutionsSupportCustomersTechnologySecurityContact  
   
 

Technology

  
   
   
 

How we ensure integrity of your data

Security, privacy and confidentiality are all a top priority for Screendragon and its entire staff.

We operate all our work activities with these to the forefront of our thinking. Our software is designed to meet the high levels of security expected by our Fortune 100 clients. Our hosting environments have been selected and optimised to meet the highest levels of service and security. We regularly train our staff on work processes to enhance the confidentiality, integrity and security of our clients’ data

Below are some of the measures we take to ensure your peace of mind

  Perimeter & Physical Security

  • Data center access limited to data center technicians.
  • Biometric scanning for controlled data center access.
  • Security camera monitoring at all data center locations.
  • 24x7 onsite staff provides additional protection against unauthorized entry.
  • Unmarked facilities to help maintain low profile.
  • Physical security audited by an independent firm

Network Security

 

  • Network perimeter is protected via firewall and by stateful packet inspection allowing only authorized traffic pass.
  • Scalable and redundant network and server infrastructure.
  • Redundant fiber optic (extremely high bandwidth) connections to multiple independent Tier 1 backbone networks.
  • Real-time network, server and application monitoring.
  • Firewall and router technology, SSL Encryption and a Network Intrusion Detection System that monitors and proactively blocks worms, hackers, and other undesirables.
  • Log files are retained and analyzed for proactive monitoring of network activity.
  • Distributed Denial of Service (DDoS) mitigation services.

 

Server Security

  • System installation using hardened, patched OS.
  • System patching configured to provide ongoing protection from exploits.
  • Dedicated firewall and VPN services to help block unauthorized system access.
  • Data protection with managed off-site tape based backup solutions.
  • Intrusion detection systems to provide an additional layer of protection against unauthorized system access.

 

Application Security

  • Encryption is provided by SSL transfer utilizing a 128 bit encryption key.
  • Authentication and Non-Repudiation is guaranteed by a Comodo issued SSL Server certificate.
  • Advanced password rules & settings. Username and password length & complexity can be customized based on your requirements and password change and expiry requirements can also be flexibly implemented.
  • Integration with existing authentication systems e.g. Active Directory, LDAP, SharePoint 2007 (WSS 3.0) is also possible so that you can re-use existing corporate authentication systems.
  • Access Control Lists (ACLs) provide appropriate access rights to collaboration projects.
  • It is easy to control exactly who gets access to content and what they can do with it.
  • Uploaded content can be set-up to prevent downloading the source file by users.
  • All client content is totally segregated from other client’s data using a Discretionary Access Control security policy. If additional segregation of data is required, a dedicated server can be used by clients who require it. Additional costs apply for this service

 

Operational Security

     Data Center Security

  • ISO27001-based policies and procedures, regularly reviewed as part of our SAS70 Type II audit process.
  • All employees trained on documented information security and privacy procedures.
  • Access to confidential information restricted to authorized personnel only according to documented processes.
  • Systems access logged and tracked for auditing purposes.
  • Secure document-destruction policies for all sensitive information
  • Fully documented change-management procedures
  • Independently audited disaster recovery and business continuity plans in place for Screendragon development center.

 

     Customers Application Environment

 

  • Best practices used in the random generation of initial passwords.
  • All passwords encrypted during transmission and while in storage.
  • Secure media handling and destruction procedures for all customer data.

Read more about Screendragon hosting
 
   
   
 

 

  
 

Privacy Information | News | Jobs | Contact

 
 
Copyright Screendragon 2009