Access Control and Physical Security

        • 24-hour security, including foot patrols and perimeter inspections
        • Biometric scanning for access
        • Video surveillance throughout facility and perimeter
        • Dedicated concrete-walled Data Center rooms
        • Tracking of asset removal

Environmental Controls

        • Humidity and temperature control
        • Redundant (N+1) cooling system

Power

        • Redundant (N+1) CPS/UPS system
        • Redundant power distribution units (PDUs)
        • Video surveillance throughout facility and perimeter
        • Redundant (N+1) L6 generators with on-site diesel fuel storage

Network

        • Redundant internal networks
        • High bandwith capacity

Fire Detection and Suppression

        • Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression

Secure Transmission and Sessions

        • Connection to ExchangeBase is via SSL 3.0/TLS 1.0, using global step-up certificates from Verisign, ensuring that our users
           have a secure connection from their browsers to our service
        • Individual user sessions are identified and re-verified with each transaction, using a unique token created at log in

Network Protection

        • Perimeter firewalls and edge routers block unused protocols
        • Internal firewalls segregate traffic between the application and database tiers
        • Intrusion detection sensors throughout the internal network report events to a security event management system for logging,
           alerts, and reports
        • A third-party service provider continuously scans the network externally and alerts changes in baseline configuration

Disaster Recovery

        • Real-time replication to disk at each data center, and near real-time data replication between the production data center and the
           disaster recovery center
        • Data is transmitted across encrypted links
        • Disaster recovery tests verify our projected recovery times and the integrity of customer data

Backups

        • All data is backed up to tape at each data center, on a rotating schedule of incremental and full backups
        • Tapes are not transported offsite and are securely destroyed when retired

Internal and Third-Party Testing and Assessments

        • Application vulnerability threat assessments
        • Network vulnerability threat assessments
        • Selected penetration testing and code review
        • Security control framework review and testing

Security Monitoring

        • Our Information Security department monitors notification from various sources