BUILT INTO THE FOUNDATION OF OUR ARCHITECTURE
We understand that financial data is one of your most valuable and protected assets. Our number-one priority is delivering a comprehensive, high-performance solution with cutting-edge security measures to keep your financial data safe and your business protected.
You can sleep at night knowing that we've gone the extra mile with security measures to give you peace of mind.
Layers of Security - There are many layers of security in BIGcontrols, starting with the physical datacenter setup where we operate in secure ISO 27001-compliant data centers. At the network level, we employ firewalls against outside attacks, DDoS mitigation, and various technical mechanisms against spoofing and sniffing. At the application level we run in an isolated environment where we store data in a protected database. We perform ongoing backups of both our application and our customer's data.
Complete Tracking - The security and audit tracking integrated within our application allows administrators to audit user views and edits on data for incentives, locations, tasks and users including time, date and from/to parameters. This granular security empowers administrators to see how data is manipulated and accessed.
Performance Delivered - We are committed to a world-class customer service experience. We measure uptime and response time to ensure that customers have a reliable and quick connection to our servers. As part of our corporate vision, we provide our users with an environment that is accessible from any device and enables them to respond to changing business dynamics. Our technical operations team monitors these test results to ensure we are providing the best-in-class service to our customers.
Firewalls - Firewalls are utilized to restrict access to systems from external networks and between systems internally.
DDoS Mitigation - Our infrastructure provides DDoS mitigation techniques including TCP Syn cookies and connection rate limiting.
Spoofing and Sniffing Protections - Managed firewalls prevent IP, MAC, and ARP spoofing on the network and between virtual hosts to ensure spoofing is not possible. Packet sniffing is prevented by infrastructure including the hypervisor which will not deliver traffic to an interface to which it is not addressed.
BIGcontrols is hosted on the Amazon Web Services (AWS) platform. Applications on the AWS platform run within their own isolated environment and cannot interact with other applications or areas of the system to prevent security and stability issues. These self-contained environments isolate processes, memory, and the file system while host-based firewalls restrict applications from establishing local network connections.
Customer data is stored in separate access-controlled databases. Each database requires a unique username and password that is only valid for that specific database. Connections to databases require SSL encryption to ensure a high level of security and privacy.
Our physical infrastructure is hosted and managed within Amazon’s secure data centers and utilize the Amazon Web Services (AWS) technology. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
- ISO 27001
- SOC 1 and SOC 2/SSAE 16/ISAE 3402 (Previously SAS 70 Type II)
- PCI Level 1
- FISMA Moderate Sarbanes-Oxley (SOX)
Application - Our application is automatically backed up as part of the deployment process on secure, access-controlled, redundant storage.
Databases - Continuous protection keeps data safe. Every change to your data is written to write-ahead logs, which are shipped to multi-datacenter, high-durability storage. In the unlikely event of unrecoverable hardware failure, these logs can be automatically "replayed" to recover the database to within seconds of its last known state. Additionally, we also backup databases on an ongoing basis.
Access to Customer Data - Our hosting personnel do not access or interact with customer data or applications as part of normal operations. There may be cases where we are requested to interact with customer data or applications at the request of our customer for support purposes or where required by law.
Employee Screening and Policies - As a condition of employment all our employees undergo pre-employment background checks and agree to company policies including security and acceptable use policies.