Going the Extra Mile to Support Secure Cloud-Hosted Systems Infotech takes a number of actions to ensure security within our cloud hosting services. These elements aren’t neces- sarily universal, but the following are actions we take to ensure added security within its cloud hosting services: • Thorough Encryption: Everything is encrypted at rest (stored) and in transit (traveling from endpoint to endpoint) • Regular Updates: Windows often finds potential security vulnerabilities and releases updates to patch them. We apply these patches on a weekly basis as available. • Minimal Attack Surface Area: The only resources that are publicly accessible are application proxy servers which have no data or applications other than the proxy features on them. Access is restricted to only the necessary ports and protocols. • Regular Security Scans and External Audits: We perform quarterly security scans and have an annual security as- sessment done by an external auditor. We recently earned SOC 2 Type II compliance. More information on that can be found here. • Backups and Redundancies: While not necessarily a security factor itself, backups and redundancies are vital to recoverability in the unlikely event something does go wrong. We provide regular nightly backups and multiple layers of redundancy that can readily be incorporated into a robust and reliable solution. Hopefully, this information helps correct the common misconceptions about security in a cloud-hosted system. If you have any additional questions, feel free to reach out to me at marty.provost@infotechinc.com. Want to learn more about cybersecurity best practices? I’ll be hosting a webinar on how construction companies can best protect their sensitive data. To learn more and register, visit infotechinc.com/safetyinthecloud.
39
february 2020
csengineermag.com
Made with FlippingBook Annual report