Services
Client Information
I-Link
Articles
Log-in
Links

welcome to executive investigations

security and access questions

Security and access are key questions from our clients who can have their work managed via our web application. These issues have been largely accommodated in the internet world since 2000 via multi-layer defence or defence in depth. The layers are explained in this document. Executive Investigations implement all of these layers and have options to add extra defences for particular customers should they be required.                         SSL Lock down

When a user logons onto our web application. The web browser will put a small padlock in the bottom right hand of the page. This indicates that all transmissions of data between the web browser and our application are encrypted. The certificate locking down the main application is bank grade encrypted. This sort of security is used by banks and shopping sites to protect your credit card number from theft. For more details about this, see http://en.wikipedia.org/wiki/Transport_Layer_Security

 Nagios Monitoring

All of our sites are monitored once a minute to report systems down, potential problems and suspicious activity. All exceptions are reported back to the support team via email and in particularly bad cases SMS for immediate action.

 Intrusion Detection System

We utilise an intrusion detection system to tell us if there is suspicious activity and to automatically block attackers attempts to break into the application sites. The IDS runs continuously and monitors all network traffic and user's logged on for suspicious activity. If an attacker breaks in, we have software that checks the files automatically to tell us if they have been altered by an attacker. From there we can react and move the applications to a new, uncorrupted environment.

 Virtual Environments

All of our customer instances are separated into there own virtual environment. This isolates the data for each customer and improves isolation security.

 Security Patches

Many attacks occur if the software exposed to the internet is not 'patched' regularly for security issues. We have a procedure in place to ensure this happens daily.

 Off-site Backups

All customer data if requested is backed up, encrypted and sent off-site to a server remote to the main server pool. We can restore a customer to the end of previous day operations should the need arise. We regularly check the backups for completeness as part of our support business processes.

 Viruses and Spyware

We deploy all our system application servers using the Linux operating system. There are no know viruses and spyware

that affect this environment due to the way the operating system has been architected.

 Internet Connection:

Our System hosted at Global Switch in Sydney on multiple redundant servers. With access to four (4) separate dedicated Internet  carriers each providing speeds of up to 100Mbps Both uploading and downloading data.

For obvious reasons the full details of our security defence is not public.

For more information on our Servers security please contact us

Copyright 2014 Executive Security and Investigations Pty Ltd