Security
Compliance Information Systems has long been entrusted to transmit and store our customer's data. We understand that the security and availability of our systems are crucial to our clients' operations. We employ multiple levels of controls to protect and secure your data and engage in regular monitoring and security auditing to help ensure system security. CIS applications are hosted within our on-site, Tier-3, carrier grade datacenter employing N+1 redundancy.
Data center control and physical security
Environmental controls
Fire detection and suppression
Network
- 24-hour manned security
- Biometric scanning for access
- Dedicated Data Center rooms
- Computing equipment in access-controlled steel cages
- Video surveillance throughout facility and perimeter
- Building engineered for local seismic, storm, and flood risks
- Tracking of asset removal
Environmental controls
- Temperature control
- Redundant (N+1) cooling system
Fire detection and suppression
- Automated fire detection and dry fire suppression systems
Network
- Redundant internal networks
- Network neutral; connects to all multiple carriers and located near major Internet hubs
- High bandwidth capacity
- HTTPS encryption layer of SSL/TLS
Power
Backups
Network protection
Internal and Third-party testing and assessments
- Redundant (N+1) CPS/UPS systems
- Redundant power distribution units (PDUs)
- Redundant (N+1) diesel generators with on-site diesel fuel storage
- Underground utility power feed
Backups
- All data are backed up to tape daily
Network protection
- Perimeter firewalls and edge routers block unused protocols
- Internal firewalls segregate traffic between the application and database tiers
- Intrusion detection sensors
- A third-party service provider security audit
Internal and Third-party testing and assessments
- Application vulnerability threat assessments
- Network vulnerability threat assessments
- Selected penetration testing
- Security control framework review and testing
Connect
