We provide several layers of security as well as a number of tools to assist our customers in enhancing the security of their applications and data. The data center is a Cisco Certified data center.

PHYSICAL SECURITY

Our data center provides multiple layers of physical security including the following:

   A) Access controlled building entry - Access to the building is restricted 24 hours a day and all personnel entering or leaving the building must sign in and out with the security guard.

   B) Access controlled floor - Entry into the main office is card key access controlled. No one may enter the office without an electronic badge.

   C) Access controlled data center floor - All access to the main data center floor requires a biometric hand scan and card key. All areas of the data center floor are monitored 24 hours per day by CCTV and on-site personnel. The NOC area and data center are accessed via a "trap area" that requires one door to be locked before the next can be opened.

   D) Access controlled cabinets - All cabinets are locked and a key must be checked to access all cabinets housing equipment.


NETWORK SECURITY

Network security is provided by both ingress and egress filtering as well as multiple layers of hardware and software firewalls and advanced encryption techniques. The basic architecture consists of a combination of Cisco, Microsoft and proprietary products to ensure relevant security for our customers.

Exact specifications for network security are not available to the public. It is our firm belief that it is more difficult to hack a network or device when you don't know what the network or device is or the software deployed or release versions. Hackers routinely hack systems when they know what system, hardware and software version they are trying to hack. For these reasons, our network security is completely confidential and on a need to know basis.

DATA SECURITY

While it is our intent to provide the highest level of security for our customers data by employing industry standard security measures, maintaining up to date security training, patches and service packs, we firmly believe that if you connect your system, and your data, to the Internet, it can eventually be hacked.

For this reason, we highly recommend all customers using our facilities and requiring secure data implement both SSL 3.0 encryption for all data transmitted to or received from the web servers via a web browser as well as implementing a local encryption service, such as ASPEncrypt, to encrypt and decrypt data stored in and retrieved from our database servers for which connectivity is provided on a secure internal private network.