Physical security of our servers is achieved through their being located in inconspicuous buildings with 24x7 manned security, CCTV-monitored data centres with biometric systems and certified entry procedures.
Availability is achieved through using buildings with redundant power and air-conditioning systems and through the use of two physically separate locations with a high-speed network connecting them. Our policy is to implement systems with no single points of failure. All hardware has remote-management capability.
Network security is achieved through the application of multiple layers of protection, including packet filters/ACLs, firewalls, and other techniques which are confidential. External specialist organisations are used to carry out vulnerability scanning at the network level and to do more involved penetration testing. All data transfer happens under strong encryption; all access to the Workbooks secure website uses 256-bit SSL.
Careful design. All systems are built on the principle of ‘least privilege’ such that processes run with the minimum set of capabilities and software is not present on the operational systems unless it is specifically required. The operating system is under tight version control and we monitor for reports of security vulnerabilities in the OS and its components.
Our Development and QA processes are geared towards a controlled release cycle with a focus on avoiding security vulnerabilities and data corruption. The processes are extensive and include both automated and manual testing at many levels: unit, integration, system and functional. System changes are only permitted under a full Change Control process with signoff by senior Workbooks management.
Data is accessed and copied only over strongly-encrypted connections. We implement separate databases for each customer to add an additional layer of security above an extensive Permissions/Capabilities model which allows functions to be limited to specific roles or groups of users. Underpinning all data storage is a row-level security model which allows users to hold private data securely and permits control over the ability to read, modify, write, change access or change ownership on a record-by-record basis.
Workbooks’ development and customer support staff do not have access to live customer data without the customer’s prior permission, which the customer grants through the use of the Workbooks service itself.
The team which founded Workbooks has previously created a managed service used by many customers to run hundreds of firewalls and has also worked through the ISO 27001 certification process. Workbooks is also working towards achieving ISO 27001 certification.