Physical
Our production equipment is co-located in Egham, Surrey, at a facility that provides 24-hour physical security, redundant electrical generators, redundant data centre air conditioners, and other backup equipment designed to keep servers continually up and running.
The network offers high reliability and will “self heal” in less than 50ms within the core if there is a cable fault. End to end network management will provide rapid fault diagnosis and restoration. The network is proactively monitored and managed 24 hours, 365 days per year by a Network Operations Centre.
The Data Centre is designed to provide a secure and stable environment, both for building and environmental conditions as well as network performance and availability. It hosts mission critical applications such as ecommerce sites, customer support systems, portal sites and many businesses where the web site is their business. All key systems for power, air conditioning, fire protection, as well as network and routing are designed and built with redundancy.
Perimeter
The network perimeter is protected by multiple firewalls and monitored by intrusion detection systems — all sourced from industry-leading security vendors. In addition, NetDespatch monitors and analyses firewall logs to proactively identify security threats.
Data Encryption
NetDespatch leverages the strongest encryption products to protect customer data and communications, including 128-bit Verisign SSL Certification and 1024 Bit RSA public keys. The lock icon in the browser indicates that data is fully shielded from access while in transit.
User authentication
Users access NetDespatch only with a valid username and password combination, which is encrypted via SSL while in transmission. A session ID cookie is used to uniquely identify each user. For added security, the session key is automatically re-established in the background at regular intervals.
Application Security
Inside of the perimeter firewalls, systems are safeguarded by network address translation, port redirection, IP masquerading, and more. Exact details of these features are proprietary.
Operating System Security
NetDespatch enforces tight operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong encrypted passwords, and production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security and are hardened by disabling and/or removing any unnecessary users, protocols, and processes.
Database Security
Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is limited to a number of points, and production databases do not share a master password database.
Server Management Security
All data entered into the NetDespatch application by a customer is owned by that customer. NetDespatch employees do not have direct access to the NetDespatch production equipment, except where necessary for system management, maintenance, monitoring, and backups. NetDespatch does not utilise any managed service providers. The NetDespatch Systems Engineering team provides all system management, maintenance, monitoring, and backups.
Reliability and Backup
All networking components, SSL accelerators, load balancers, Web servers, and application servers are configured in a redundant configuration. All customer data is stored on a primary database server that is clustered with a backup database server for redundancy. All customer data is stored on disk storage that is mirrored across different controllers.
Disaster Recovery
All updates to the NetDespatch system are replicated in real time to a "live backup". In the event of catastrophic hardware failure the live backup will take over with almost no interruption to the NetDespatch service. Any server that fails is replaced with a hot standby server while the failed server is diagnosed. An offline backup also takes place regularly in case of data corruption/data loss.
|
Security
