Security Measures Deployed
Among other security measures, eam2go.com provides:
- Experienced, professional engineers and security specialists dedicated to round-the-clock data and systems protection
- Continuous deployment of proven and up-to-date security technologies.
- Complete redundancy throughout the entire eam2go.com online infrastructure.
- Total commitment to a secure, scalable, private collocated system.
eam2go.com security architecture is made up of a highly redundant, fine-grained, multi-tiered security infrastructure.
| Tier | Security Type | Description |
|---|---|---|
1 |
Physical Security | Our data center is located in Orlando, Florida. This 2,800 square foot data center houses companies such as Worldcom, Level(3), ColoSolutions, and Time Warner. It provides 24-hour physical security, proximity card access and picture identification systems, redundant electrical generators, motion detectors, perimeter sensors, redundant HVAC systems, and other backup equipment designed to keep servers continually up and running. |
2 |
Perimeter Defense | The network perimeter is protected by multiple firewalls and monitored by intrusion detection systems — all sourced from industry-leading security vendors. In addition, salesforce.com monitors and analyzes firewall logs to proactively identify security threats. eam2go.com also contracts with a third-party security firm that proactively monitors our security configurations for changes, vulnerabilities, and errors and regularly conducts vulnerability threat assessments including penetration tests. |
3 |
Data Encryption | Data travelling from your computer to eam2go.com leverages the strongest encryption methods to protect customer data and communications, including AES 256-bit SSL encryption and 1024-bit RSA public keys. The lock icon in the browser indicates that data is fully shielded from access while in transit. |
4 |
User Authentication | Users can access eam2go only with a valid username and password combination, which is encrypted via SSL while in transmission. Users are prevented from choosing weak or obvious passwords. An encrypted session ID cookie is used to uniquely identify each user. For added security, the session key is automatically scrambled and re-established in the background at regular intervals. |
5 |
Domain Security | Our robust application security model prevents one eam2go.com customer from accessing another's data. This security model is reapplied with every request and enforced for the entire duration of a user session. |
6 |
Operating System | eam2go.com enforces tight operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords, and production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security and are hardened by disabling and/or removing any unnecessary users, protocols, and processes. |
7 |
Database | Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is restricted to a limited number of points, and production databases do not share a master password database. |
8 |
Reliability and Backup | All networking components, SSL accelerators, load balancers, Web servers, and application servers are configured in a redundant configuration. All customer data is stored on a database served by a database server cluster for redundancy. All customer data is stored on carrier-class disk storage using RAID disks and multiple data paths. All customer data, up to the last committed transaction, is automatically backed up to a primary tape library on a nightly basis. Backup tapes are immediately cloned to verify their integrity, and the clones are moved to secure, fire-resistant, off-site storage on a regular basis. |