Home      FAQ      Forum      Idea Exchange      Ask a Question      My Stuff      Help   
  
Privacy and security
Question
ID
24
Category
General
  Security
Date Created
9/8/2002 11:34:23 AM
Date Updated
9/12/2019 11:35:41 PM
Data in helpdesk database has highly proprietary information, which must be secure.
Answer
We value the trust you have placed in us by relying on the CRMdesk online service.
Because support information is highly confidential, the protection of your data is extremely important to us.
It is ForeSoft's policy to maintain confidentiality over your information.

Once your information reaches us, it resides on servers that are heavily guarded both physically and electronically.

Physical security: CRMdesk is hosted on highly reliable, secure and redundant DELL PowerEdge servers, located in the SteadFast Networks colocation facility (located in the same building as Equinix):
http://steadfast.net/corporate/datacenter.php



We selected this datacenter as one of the most advanced and secure colocation facilities in the world - this is the famous "350 E Cermak, Chicago" building. This building is the most desired datacenter in the US as it stays right on the internet backbones interconnections:
http://www.colocationamerica.com/colocation/chicago-colocation.htm

The fiber provided to the Chicago data centers is provided over redundant paths, with diverse entry points and building riser. This data center had been built to meet the high demands and reliability of telecommunications providers and Fortune 500 companies and have achieved SAS/SSAE compliance:

Please refer to Steadfast audit reports:
SSAE18-type2 audit report: Steadfast-2018-Type_2_SOC_1-Final_Report.pdf
SOC-2 audit report: Steadfast-2018-Type_2_SOC_2-Final_Report.pdf

Our Steadfast colocation facility provides CRMdesk with a world-class datacenter secure infrastructure that works as an integral part of CRMdesk customers' comprehensive HIPAA plan:
https://www.steadfast.net/healthcare

Chicago also has an extremely low occurrence of natural disasters such as hurricanes, tornados, floods, and earthquakes compared to most of the rest of the United States, meaning there is a reduced risk of outages due to natural disasters.

Visual confirmation and strict sign-in procedures, both conducted by trained security personnel, along with key cards, and photo ID verification ensure that only authorized personnel have access to our data center. No customers are allowed in the facility space unattended and staff is on-site 24/7. In addition, all aspects of the data center are monitored and recorded via color, hi-resolution digital video cameras. All video footage is kept on hand for a period of at least 30 days.


Application security:
All Web communications are secured with 256 bit SSL encryption.
All servers are running Windows Server 2016 operating system and are sitting behind electronic firewall. All drives use NTFS partitions.
All Microsoft patches, hot fixes and updates are installed on weekly basis, and the most critical are installed immediately upon release. Our system is always using the latest security technique available from Microsoft.

Cookies are only used to identify user - there is no other information stored in cookies. Cookies are encrypted.

We run continues global database logs backup, and it is copied to a remote datacenter hourly. This would allow us to restore the database to any given moment of time even in an extremely unlikely case of a major disaster in the main datacenter.

ForeSoft Corporation has a very strict Privacy and Security Policy:
https://www.foresoft.net/privacy/

ForeSoft Corporation complies with the EU-U.S. Privacy Shield Framework
https://www.foresoft.net/privacy-shield/
Please click here to verify:
https://www.privacyshield.gov/participant?id=a2zt0000000TN5WAAW




ForeSoft Corporation has further committed to refer unresolved Privacy Shield complaints to ICDR/AAA, an alternative dispute resolution provider:
https://info.adr.org/safeharbor/




ForeSoft Corporation has completed PCI compliance with TrustWawe Holdings, Inc.
Please click here to verify:
https://sealserver.trustwave.com/cert.php?customerId=7901d29c0ca511e0b34b005056b201e5



ForeSoft database servers are successfully passing "TrustKeeper® PCI Manager" monthly penetrating vulnerability scans.


Was this information helpful?
 
Back to Search Results