DSEasy Web
Server Security
1. Traffic
security
All network
traffic between the client
browser and
the DSEasy.net server is encrypted with a 128 bit key under SSL
[secure sockets layer] as used by all bank and credit card
transactions.
The standard is Certified by:
2.
Web server security
The DSEasy
web server is a high performance,
fault
tolerant dedicated Unix server providing the high levels of technical
security.
3. Database
and Application security
The embedded
security model provides private
encrypted password storage and page level user validation to preserve
the privacy and integrity of client data.
4. General
The DSEasy
application has been developed to
the
Government e-Gif and OWASP. This requires best practice standards of
application architecture and use of open standard, non proprietary
technologies.
5. Server
site Physical Security and
Approvals
Host ISP
meets the following standards:
GCat
NHScat
PASA
ISO9000
BS7799 (Currently awaiting auditing for approval)
This,
combined with CCTV, access control
swipe
cards, very restricted access to the Data Centre and regular security
audits by external parties ensures we provide a safe and secure
environment.
Secure
server configuration and
application architecture
The
development team behind DSEasy.net are
accredited contractors to the NHS and are experienced in protecting the
most sensitive level of data held within a web application to OWASP
standards. We currently host several Government Servers and provide
Internet service to Local and Regional authorities as well as Police
Authorities and major computer secure site developers.
6. Disposal
of data
Hard disk
disposal:
Data is ‘erased’ by introducing to the disk 50
times,
random data which will ‘erase’ all trace of the
original
data.
7. Virus
protection
ClamAV is in
place. Visit http://sourceforge.net
for complete authenticity details.
8. Backups
Data is
backed up each night and saved in
an encrypted file on an offsite server.
9. VPN and
Firewalls
Cisco Firewall
VPN connections available by arrangement
Specification and pricing on request.
|
