Skip to main content

Security in the WatchMyDC Cloud

WatchMyDC Support
  • Updated

WatchMyDC understands that the confidentiality, integrity, and availability of our customers' information are vital to their business operations and our own success. We use a multi-layered approach to protect that key information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security.


Secure Data Centers

Our service is deployed in Amazon AWS's top-tier data centers. These facilities provide carrier-level support, including -

  • Access control and physical security
  • 24-hour manned security, including foot patrols and perimeter inspections
  • Biometric scanning for access
  • Dedicated concrete-walled Data Center rooms
  • Computing equipment in access-controlled steel cages
  • Video surveillance throughout facility and perimeter
  • Building engineered for local seismic, storm, and flood risks
  • Tracking of asset removal

Environmental Controls

  • Humidity and temperature control
  • Redundant (N+1) cooling system

Power

  • Underground utility power feed
  • Redundant (N+1) CPS/UPS systems
  • Redundant power distribution units (PDUs)
  • Redundant (N+1) diesel generators with on-site diesel fuel storage

Network

  • Concrete vaults for fiber entry
  • Redundant internal networks
  • Network neutral; connects to all major carriers and is located near major Internet hubs
  • High bandwidth capacity

Fire Detection and Suppression

  • VESDA (very early smoke detection apparatus)
  • Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
  • Secure Transmission and SessionsConnection to the WatchMyDC environment is via SSL/TLS cryptographic protocols, using global step-up certificates, ensuring that our users have a secure connection from their browsers to our service. Individual user sessions are identified and re-verified with each transaction, using a unique token created at login.


Blacklisting in WatchMyDC

Blacklisting limits unauthorized access by requiring users to log in to WatchMyDC from designated IP addresses — typically your company network, designated customer networks, or VPN. By using Login IP Ranges, admins can define a range or specific permitted IP addresses to control access to the WatchMyDC dashboard. Those who try to log in to the WatchMyDC dashboard from outside the designated IP addresses will not be granted access. 


Two-Factor Authentication

Two-Factor Authentication requires that all login attempts have both login credentials and a second authentication factor delivered via Email or an authenticator app. This is achieved by enabling the capability under Account settings. Login attempts that do not have valid credentials from both sources will not be granted access to WatchMyDC. 


Network Protection

Perimeter firewalls and edge routers block unused protocols within the AWS environment. Internal firewalls segregate traffic between the application and database tiers. Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports.


Disaster Recovery

  • WatchMyDC performs real-time replication to disk at each data center, and near real-time data replication between the production data center and the disaster recovery center.
  • Data is transmitted across encrypted links. Disaster recovery tests verify our projected recovery times and the integrity of the customer data Backups.
  • WatchMyDC tests all code for security vulnerabilities before release and regularly scans our network and systems for vulnerabilities.

Collector Security

Once a Collector is deployed, a unique Key is assigned to it.  This key is used for authentication purposes. All communications between the Collector and the WatchMyDC Cloud is verified by this unique key and conducted via secure socket layer/transport layer security (SSL/TLS).


Database Security

Hardware and software configurations are designed to provide secure logical separations of customer data that permit each customer to view only its related information. Multi-tenant security controls include unique, non-predictable session tokens, configurable session timeout values, password policies, sharing rules, and user profiles.


All customer data within the WatchMyDC Database is encrypted with a 256-bit encryption protocol.

Comments

0 comments

Article is closed for comments.

Powered by Zendesk