We value utmost security of our customers that is why we developed a holistic approach in dealing with various threats to the internal workings of our systems.
Security threats can come from any interaction points of our applications in the outside world, plus the limitless users that utilizes our interfaces. Multiple users like customers, resellers, our staff and yours, and even third party servers and unknown internet users may at one time gain access to our servers. By providing varying levels of access coupled with permissions and access rights, we are able to protect vital data in the system.
Network Service Protection. Guarantees protection against from maliciously hacking into the system or undermine the system's uptime capacity.
Authentication and Identification. Verifies and authenticates the real identity of the user to eradicate identity imitation.
Protection of Data. - Data saved in the system cannot be put out of action, destroyed or erased.
Integrity. - Information and data stored in our infrastructure cannot be accessed by unauthorized users, much less manipulate the data.
Privacy. - Only authorized users have access to all information within our system and infrastructure.
Our platform and processes for security depend on multi-tiered security system comprised of: (a) Equipment and Security Systems; (b) Practices and Security Procedures; and (c) Auditing Processes. This ensures unequalled security in all aspects of our system and services. Our platform deals with security in seven escalating levels:
We implemented a thorough "due-diligence processes" in our collaborative international data centers, highlight the two important processes involved: security and stability. Our data centers are equipped with the finest security measures: biometric locks, surveillance equipment, access policies that are authorization-based, security staff, limited data center access, and parallel security procedures, systems, and operations. What keeps our security measures a cut above the rest is our proactive approach to security. We conduct careful deliberation of customer case studies and all of our past security practices. We invest valuable time in doing security study and research.
Cybercrime causes denial of service which results to substantial financial failure. The purpose of implementing denial of service tactics is to put a halt to your business operation by shutting down your website, web applications, and emails. This is accomplished by vigorously attacking servers or networks hosting different services and cramping vital resources like CPU, memory and bandwidth. This can be done for a number of reasons: bragging rights, political subversion, money extortion, and sabotaging competition. Any organization accessing the internet can fall prey to such attacks. Sustained DoS assault can lead to major financial and economic disaster resulting to profit loss, bankruptcy, dissatisfaction, loss of productivity and income and service deterioration. It can even result to unprecedented bandwidth usage invoice.
With the use of state-of-the-art technology, we are able to provide unmatched protection against unwanted DDoS or DoS attacks to your vital infrastructures like website, web apps, and emails. Our system automatically detects any onset of an attack and our filtering system immediately blocks deceitful traffic, while allowing valid traffic at an allowable pace. Our systems have proven effective in past in thwarting massive attacks as large as 300 Mbps which practically crippled many websites and providers.
Using a firewall protection system available 24 hours, we are able to provide a strong first line defense against such attacks. Its highly advanced and adaptive technology for inspection safeguards your applications, emails, website, and all important data against unauthorized access to the network. Our SMEs devised security policies and methods to ensure controlled connection between the internet and our data storage servers.
Our network invasion detection, deterrence, and vulnerability management schemes provide speedy, precise, and all-encompassing response against traffic abnormalities, targeted attacks, adware/spyware, network viruses, unknown worms, rogue applications, and time-released trojans and malwares. Our use of high-end network processors to implement multiple checks on packet flows to determine legitimacy ensures the optimum working condition of our system without creating latency. This direct method of protection is the most reliable way of preventing harmful attacks from getting into our servers.
Our network intrusion detection, prevention and vulnerability management system provides rapid, accurate and comprehensive protection against targeted attacks, traffic anomalies, "unknown" worms, spyware/adware, network viruses, rogue applications and other zero-day exploits. It uses ultramodern high-performance network processors that carry out thousands of checks on each packet flow simultaneously with no perceivable increase in latency. As packets pass through our systems, they are fully scrutinized to determine whether they are legitimate or harmful. This method of instantaneous protection is the most effective mechanism of ensuring that harmful attacks do not reach their targets.
We applied standardization in all of our hardwares by working in partnership with industry leaders that have an established track record of providing quality support service and excellent security standards. A good percentage of our own infrastructure and that used by our data center partners came from the likes of Dell, HP, Cisco, and Juniper, among others.
System of Host-based Disturbance Detection
With the arrival of means to evade firewalls that provide protection from the entry point, we have employed HIDS or "Host-based Intrusion Detection System". This system examines the inner workings of our computers through constant monitoring and analysis. It detects and pinpoints modifications in our computer configurations and systems, especially when the changes are caused by intentional interference, external infringement, or by accident. It utilizes host log information, heuristic scanners, and consistent monitoring of system activity. Timely discovery of unnecessary changes significantly lessen the risk of incurring damages, and shortens the time needed to troubleshoot and recover from the malfunction. This equates to a more improved security and availability of the system resulting to reduced negative impact.
Our whole operation relies on the use of varying softwares available in the market: server softwares like Postgres, Tomcat, Resin, different variations of Apache, MSSQL, MySQL, plus Windows, BSD and Linux, among many others. Although we utilize many applications and software, we are confident with our security because we implement a process-focused approach.
Well-timed Application of Security Patches, Bug Fixes, and Updates
All our servers are configured to receive automatic updates to get the latest security patch to immediately deal with new threats. A number of successful system intrusions come from existing malwares or viruses which mutated. There are existing countermeasures against such mutation, but because patches are not updated regularly these damaging attacks become successful.
Our thorough understanding of the need to continuously update our patches has allowed us to incorporate a reliable framework of reporting and editing, together with built-in redundant processes. This is in response against the vulnerability of new OS and software releases that are still full of security loopholes. With the security system in place, we are able to get daily updates against new security threats.
Recurring Security ScansRegular security check is conducted using industry-grade security software to identify weaknesses in the system. Using the latest databases of known vulnerabilities, our servers are thoroughly scanned for any cause of system malfunction. This allows us to fix identified loopholes in our system which can be susceptible in an event of an attack.
Testing Process before Full Upgrade
Software vendors periodically release software upgrades which, more often than not, are not tested in a real working environment together with other operating systems and softwares. Before we upload any software upgrade into the system, we first conduct a beta version in our labs to identify potential risks and problems. This is to ensure that any new addition to our system will not cause work disruption or damage.
Application systems running in our network are thoroughly inspected by our team of experts. Each new application is broken down to its littlest detail and inspected thoroughly. We conduct our own set of inspection of security layers, even though this has been completed by our suppliers. This proactive approach allows us full control of all elements of the application or software and provides us with a much better understanding of its inner workings.
The weakest link in the security chain is always the people you trust. Personnel, Development staff, Vendors, essentially anyone that has privileged access to your system. Our Holistic Security Approach attempts to minimize security risk brought on by the "Human Factor". Information is divulged only on a "need-to-know" basis. Authorization expires upon the expiry of the requirement. Personnel are coached specifically in security measures and the criticality of observing them.
As much as we value our human resources, we are also practically aware of the risk of security breach by personnel. As such, we conduct a thorough investigation check prior to employment, especially those who are given the highly-sensitive administrative privilege to access our servers. No matter how advance a security system is, if the person in charge cannot be trusted, then security malfunction is bound to happen. Information in the whole network is only in a "need-to-know" basis; thus limiting the impact of divulging security-sensitive information. Our human resources are constantly instructed on the importance of security measures and why it is imperative that these are followed strictly.
Maintaining a globally-distributed network of servers require a consistent audit process to ensure that all security standards are followed, regardless of the location. This audit includes checking if patches are regularly updated and if scripts are running consistently without failure. We also conduct audit of backup rotations and consistent reference checks of our personnel. We also test the efficiency of sending out security alerts by our equipment. This stringent audit allows us to see the chink in our armor before it is exploited by external sources.