Einsights Product Security
We know that safety and security of data is of paramount importance to our customers. That’s why at Einsights we take every measure to protect your data.
Einsights uses a Virtual Private Cloud with Amazon Web Services (AWS), which means that Einsights applications are hosted in state of the art data centers that are built utilising innovative architectural and engineering approaches to achieve fault tolerance and 99.99% uptime. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilising video surveillance, intrusion detection systems and other electronic means. The data centers are certified SAS70 type II, ISO 27001, (PCI) Data Security Standard (DSS), FISMA moderate level and Defence Information Assurance Certification and Accreditation Program.
Other physical features that ensure your data is protected include:
- Physical access logged and audited
- Automatic fire detection and response
- Redundant power systems backed up by UPS and power generators
- Climate controlled environment
Network Security
Einsights applications are hosted in a world class data center with extensive network security and monitoring systems, including:
- Application hosting in a Virtual Private Cloud
- State of the art firewalls
- IDS/IPS (Intrusion Detection and Intrusion Protection) and DDOS prevention systems are in place for perimeter and internal network security to detect and prevent any unwanted malicious activity
- Each node is protected by individual firewall allowing for rules granularity
- Multi Factor Authentication using VPN and PKI (Private key) and OTP (one time password) are implemented for server access for management and system administration tasks
- A security incident event management system gathers logs from all systems and creates triggers based on security events
99.99% uptime
Because the Einsights application is hosted in a fault tolerant network infrastructure, you can expect 99.99% uptime. Some features of the infrastructure include:
- Active performance and availability monitoring of all data centers 24x7x365
- Hardware based load balancers to distribute traffic across various nodes
- Auto scaling implemented to handle additional spikes in traffic
- Application hosted in multiple availability zones and geographical regions for fail-over and high availability
Application Security
We built Einsights applications in accordance with security best practices, including:
- All traffic to and from Einsights application is encrypted using industry standard SSL with AES 128 bit encryption
- Access credentials and customer data is encrypted in the database tables using industry standard techniques
- Databases are hosted on servers only accessible through private subnets
- Effective access control mechanisms and password complexity are implemented in the application to prevent unauthorized access
- We utilise a robust audit log for access monitoring the application
Penetration Testing/Vulnerability Management
We have also implemented a rigorous practice of reviewing that everything is always working as planned. This includes monthly penetration and vulnerability tests performed on the application for vulnerability identification via external systems. Additionally, we continuously review new versions of components for security issues, and promptly deploy security fixes for operating system and other components.
