We are focused on three things: the security, availability, and performance of your hosted Microsoft solution. The most important of these is security.
Project Hosts is ISO 27001 certified and also compliant with the Federal Information Security (FISMA) standards recommended by NIST. As a result, customers such as the US Navy, Novartis, BP, investment banks, and health care providers have chosen to host their Microsoft solutions with Project Hosts.
Our security systems are audited at least once per year by certified third parties. The most recent ISO audit was by SRI Quality System Registrar.
We think of security in the following seven levels:
- Physical security: All servers are located in one of our SAS 70/SSAE 16 certified data centers with 24×7 guard-controlled access. Identification protocols and biometric scanners are used to authenticate technicians before permitting their entry into the data center. Access is strictly limited to personnel that need to work on servers or infrastructure.
- Transport security: All communication between your PC and your hosted environment is made using SSL or in some cases RDP. Both of these protocols employ 256-bit encryption to protect your data in transport.
- Firewall security: All ports into and out of the data center are blocked except for the few ports necessary to provide access to your solution. Intrusion detection systems scan the traffic and system logs to highlight suspicious activity.
- Windows security: Project Hosts employs the strictest possible Windows lock-down techniques. Users only have access to the functions required for the functioning of their EPM solution, and they are securely separated from all other users in the data center. All servers run Windows Server with host-based firewalls, and any applicable security patches are applied shortly after they become available.
- Data security: Databases are kept completely isolated, strong passwords are required, and access is strictly limited. Dedicated SQL server solutions take this security one step further by ensuring “air gap” isolation of your data.
- Password security: Strong password requirements are maintained for all deployments. These passwords that are made up of combinations of upper and lowercase letters, symbols and numbers are extremely effective in preventing unauthorized access.
- Virus security: McAfee Virus software is employed and kept continually up to date to ensure a clean, safe environment.
All security systems are regularly monitored and tested for vulnerability. Potential new threats are addressed on a 24×7 basis by our Network Operations Center (NOC).
We understand that your data is your most valuable asset. That is why we have implemented every possible safeguard to ensure the security of your data.
If you have any questions, please email us at firstname.lastname@example.org.