GLBA Risk Assessement
Vendor Management
Red Flags
Control Audit
BSA Risk Assessment
System Security

Rest assured your data is always available and protected

Supernal Software keeps your data safe and secure. Our data centers incorporate the following information multi-layered security, disaster recovery and data backup controls:

Access control and physical security

  • 24-hour monitored security, including motion sensors and door contact switches
  • Electronic key fobs for external access and multiple internal security fob access points
  • Dedicated concrete-walled facility with steel studs and fire retardant drywall throughout
  • Computing equipment in access-controlled steel cages
  • Video surveillance of the server room

Environmental controls

  • Humidity and temperature control connected to our monitoring/alert system
  • Redundant (N+1) cooling system

Power

  • UPS systems for servers
  • Natural gas backup power generator

Network

  • Redundant secure networks and data centers
  • Network neutral; connects to all major carriers and located near major Internet hubs
  • High bandwidth capacity

Fire detection and suppression

  • Alarmed, multi-zone, pre-action dry pipe water-based fire suppression

Secure transmission and sessions

  • Connection to the Supernal environment is via SSL 3.0/TLS 1.0, using global step-up certificates from Verisign, ensuring that our users have a secure connection from their browsers to our service
  • Individual user sessions are identified and re-verified with each transaction, using a unique token created at login

Network protection and Business Continuity Plan

  • Perimeter firewalls with IDS/IPS and AV protection and edge routers block unused protocols
  • Internal firewalls segregate traffic between the application and database tiers
  • Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports
  • A third-party service provider performs quarterly scans on the network externally and alerts changes in baseline configuration

Disaster recovery

  • The Supernal service performs replication between the production data center and the disaster recovery center
  • Data are transmitted across encrypted links
  • Disaster recovery tests verify our projected recovery times and the integrity of the customer data

Backups

  • All data are backed up to disk at bare metal and delta block levels

Internal and third-party testing and assessments

Supernal Software tests all code for security vulnerabilities before release, and regularly scans our network and systems for vulnerabilities. Third-party assessments are also conducted regularly:

  • Application vulnerability threat assessments
  • Network vulnerability threat assessments
  • Selected penetration testing and code review

Security monitoring

Supernal utilizes a third party information security department that monitors notifications from various sources and alerts from internal systems to identify and manage threats.


Seeing is believing: Sign up for a 20-minute online demo to see how Scout takes the confusion and frustration out of risk management.

Supernal Software, LLC ©2009-2010
HyperLink HyperLink HyperLink