ProcessUnity understands that the privacy, confidentiality, integrity, and availability of our customers’ information are vital to their business operations and our own success. We use a multi-layered approach to protect that key information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security.
ProcessUnity utilizes some of the most advanced technology for Internet security available today. When you access our site using industry standard Secure Socket Layer (SSL) technology, your information is protected using both server authentication and data encryption, ensuring that your data is safe, secure, and available only to registered users in your organization.
Access control and physical security:
- Server and network infrastructure is housed in a data center engineered for local seismic, storm, and flood risks featuring bulletproof walls, false entrances, and vehicle blockades
- Physical access is secured via portals and person traps that require both badge and biometric authentication
- 24-hour manned security features on-premise security guards performing foot patrols, perimeter inspections, and asset removal tracking
- Video surveillance and digital recording devices are located throughout the facility and perimeter
Environmental controls. Humidity and temperature control; redundant (N+1) cooling system
Power. Underground utility power feed; redundant (N+1) CPS/UPS systems and power distribution units; redundant (N+1) diesel generators with on-site diesel fuel storage
Network. Concrete vaults for fiber entry; redundant internal networks, network neutrality; connections to all major carriers and location near major Internet hubs
Fire detection and suppression. VESDA (very early smoke detection apparatus); dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
- Secure connection to the ProcessUnity environment via 128-bit SSL 3.0/TLS 1.0, using global step-up certificates from Equifax
- Individual user sessions identified and re-verified with each transaction, using a unique token created at login
Network and Server Protection
- Unused protocols blocked by perimeter firewalls and edge routers
- Hardened operating systems with monthly and out-of-band security patching procedures and protocols
- Partitioned data storage (data integrity)
- Isolated and decentralized customer instances
Availability, Backup, and Disaster Recovery
- Enterprise-class servers and network hardware with on-site spares
- Continuous data backups / snapshots at 4-hour intervals
- Nightly offsite backups via secured and encrypted network link
- Pre-production security vulnerability testing
- Regular network and system scans for all conceivable and known security deficiencies
- Ongoing monitoring of application and server health
- 100% managed code via Microsoft .NET development architecture
- Secure password policies, configurable to meet particular organizational needs
- Forced re-login after inactivity (time-out interval)
- Role-based security, to provide granular control over application features and functions, as well as object-level data permissions
- Team-based data security, to provide access to application data based on team membership
