|
Secure workspaces for dispersed teamsBoardVantage started out by solving what many thought was an impossible task — marrying 24x7 access with sufficient security to protect a corporation's most strategic and valuable asset — board content. While not all content inside the enterprise has such stringent requirements, many departments do. That's why our baseline security is tight. As secure as a board portal and subjected to frequent audits from leading financial institutions, our collaboration platform brings our experience at the board level to the broader company. Our platform is located in a highly secure environment, protected by end-to-end encryption (both in transit and at rest) and authentication, in a hardened, protected site. Like major financial institutions, we maintain a strong perimeter defense using multiple layers of security and constant monitoring. Our processes are independently audited, and the company has achieved SAS70 Type II and SysTrust certifications. Our service has been subjected to numerous reviews by leading financial institutions. We devote significant resources to continuously improving our security with the latest technologies. Between our security management program and our secured state-of-the-art hosting facilities, our customers receive the highest commercially available data protection. Physical securityAll computer and network communication systems are housed in a secured, hardened hosting facility with 24x7x365 surveillance patrols and biometric access control. System redundancyMaintained by our own security-screened staff, BoardVantage has built-in redundancy at every point, including Web, application, and file, database, and storage servers. Network monitoringOur entire infrastructure is continuously protected by a broad shield of network equipment and management tools and continuously monitored by our staff for any attempted network attacks. Data securityWe encrypt all data using strong ciphers, both during network transport and while resident on computing platforms, so that it cannot be compromised. Customer content is separated into individual repositories and encrypted with a unique key. Only authorized users can access protected data - barring even system administrators. Network securityThe application requires the use of Secure Socket Layer (SSL) encryption technology (128-bit minimum) for access. Digital certificates ensure the authenticity of each SSL session. Virus protectionVirus control methodology prevents the distribution of malicious code that could disrupt service, destroy data, and undermine productivity. Data backupWe automatically back up all customer data nightly and store it at a secured, off-site facility. All backups are encrypted, and any unused, obsolete, or end-of-life media is destroyed to prevent third-party data retrieval. User authenticationOur authentication policies enforce security without increasing complexity for the end user. In addition to our two-tier authentication mechanism, we partner with the customer to ensure customer access policies are enforced at all times. Operating system securityThe application servers are hardened at the operating system level. Administrative access is restricted to authorized personnel: login is possible only through encrypted access with individually authorized and enabled encryption keys. We also regularly review security patches according to vendor specifications. Internal processesOur system is SAS70 Type II and SysTrust certified. Our documented internal processes have been independently audited to ensure that we have the proper controls in place for provisioning, change control, and procedural changes. We not only enforce the separation of roles and responsibilities and closely supervise employees; we also conduct criminal background checks on each staff member at both the federal and local levels. |