WatchMyDC understands that the confidentiality, integrity, and availability of our customers' information are vital to their business operations and our own success. We use a multi-layered approach to protect that key information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security.
Secure Data Centers
Our service is deployed in Amazon AWS's top-tier data centers. These facilities provide carrier-level support, including -
- Access control and physical security
- 24-hour manned security, including foot patrols and perimeter inspections
- Biometric scanning for access
- Dedicated concrete-walled Data Center rooms
- Computing equipment in access-controlled steel cages
- Video surveillance throughout facility and perimeter
- Building engineered for local seismic, storm, and flood risks
- Tracking of asset removal
Environmental Controls
- Humidity and temperature control
- Redundant (N+1) cooling system
Power
- Underground utility power feed
- Redundant (N+1) CPS/UPS systems
- Redundant power distribution units (PDUs)
- Redundant (N+1) diesel generators with on-site diesel fuel storage
Network
- Concrete vaults for fiber entry
- Redundant internal networks
- Network neutral; connects to all major carriers and is located near major Internet hubs
- High bandwidth capacity
Fire Detection and Suppression
- VESDA (very early smoke detection apparatus)
- Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
- Secure Transmission and SessionsConnection to the WatchMyDC environment is via SSL/TLS cryptographic protocols, using global step-up certificates, ensuring that our users have a secure connection from their browsers to our service. Individual user sessions are identified and re-verified with each transaction, using a unique token created at login.
Blacklisting in WatchMyDC
Blacklisting limits unauthorized access by requiring users to log in to WatchMyDC from designated IP addresses — typically your company network, designated customer networks, or VPN. By using Login IP Ranges, admins can define a range or specific permitted IP addresses to control access to the WatchMyDC dashboard. Those who try to log in to the WatchMyDC dashboard from outside the designated IP addresses will not be granted access.
Two-Factor Authentication
Two-Factor Authentication requires that all login attempts have both login credentials and a second authentication factor delivered via Email or an authenticator app. This is achieved by enabling the capability under Account settings. Login attempts that do not have valid credentials from both sources will not be granted access to WatchMyDC.
Network Protection
Perimeter firewalls and edge routers block unused protocols within the AWS environment. Internal firewalls segregate traffic between the application and database tiers. Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports.
Disaster Recovery
- WatchMyDC performs real-time replication to disk at each data center, and near real-time data replication between the production data center and the disaster recovery center.
- Data is transmitted across encrypted links. Disaster recovery tests verify our projected recovery times and the integrity of the customer data Backups.
- WatchMyDC tests all code for security vulnerabilities before release and regularly scans our network and systems for vulnerabilities.
Collector Security
Once a Collector is deployed, a unique Key is assigned to it. This key is used for authentication purposes. All communications between the Collector and the WatchMyDC Cloud is verified by this unique key and conducted via secure socket layer/transport layer security (SSL/TLS).
Database Security
Hardware and software configurations are designed to provide secure logical separations of customer data that permit each customer to view only its related information. Multi-tenant security controls include unique, non-predictable session tokens, configurable session timeout values, password policies, sharing rules, and user profiles.
All customer data within the WatchMyDC Database is encrypted with a 256-bit encryption protocol.
Comments
0 comments
Article is closed for comments.