Information Security Policy
SEAtS have developed a comprehensive set of practices, technologies and policies with our data centre partners to help ensure that customer data is secure.
Updated at 30-03-2023
We take the physical security of our datacentres very seriously. Our datacentres are located in secure facilities that have multiple layers of protection against physical and logical threats. Here are some of the measures we implement to ensure the safety of our customer data:
- 7x24x365 Security Guards. Our datacentres are guarded by private security personnel around the clock, every day of the year, without any exceptions. They patrol the premises and check the identity of anyone who tries to enter. They are trained and equipped to deal with any potential intruders or emergencies.
- Video Surveillance. Our datacentres are equipped with night vision cameras that record and monitor all activities inside and outside the facilities. The video footage is stored securely and reviewed regularly by our security team. The cameras are also connected to an alarm system that alerts us of any suspicious movements or breaches.
- Controlled Access. Only a small group of pre-authorized personnel can access our datacentres. They have to go through a controlled entrance that requires two forms of authentication: a proximity card and a security guard challenge. No one else is allowed to enter, not even our own employees. The access records are logged and audited periodically.
- Undisclosed Locations. Our datacentres are not advertised or marked in any way. They are situated in generic looking buildings that blend in with their surroundings. We do not disclose their locations to anyone, except for the relevant authorities. This makes them less likely to be targeted by attackers who may not even know where they are.
Our network security team and infrastructure help protect customer data on our platform against the most sophisticated electronic attacks. The following is a subset of our network security practices. These are intentionally stated in a very general way to discourage attack. If The customer organization requires further detail on our network security, please contact us.
- 128/256bit SSL. The communication between the customer computer and our servers is encrypted using strong 128bit keys. What this means is that even if the information traveling between the customer computer and our servers were to be intercepted, it would be nearly impossible for anyone to make any sense out of it.
- IDS Our network is firewalled and screened for intrusion detection.
- Control and Audit. All accesses are controlled and also audited.
- Secured OS. SEAtS applications run inside secured operating system environments engineered for security.
- Virus Scanning. Traffic coming into SEAtS Servers is automatically scanned for harmful viruses using state of the art virus scanning software which are updated regularly.
Designing and running data centre infrastructure requires not just technology, but a disciplined approach to processes. This includes policies about escalation, management, knowledge sharing, risk, as well as the day to day operations.
- Select Employees. Only employees with the highest clearance have access to our data centre data. Employee access is logged and passwords are strictly regulated. We limit access to customer data to only a select few of these employees who need such access to provide support and troubleshooting on our customers’ behalf.
- Audits. Audits are regularly performed and the whole process is reviewed by management
- As Needed Basis. Accessing data centre information as well as customer data is done on an as needed only basis, and only when approved by the customer (i.e. as part of a support incident), or by senior security management to provide support and maintenance.
Redundancy and Business Continuity
One of the fundamental philosophies of cloud computing is the acknowledgment and assumption that computer resources will at some point fail. We have designed our systems and infrastructure with that in mind.
- Power Redundancy. SEAtS Data Centre Servers are configured for power redundancy – from power supply to power delivery. UPS Redundancy is N+1.
- Internet Redundancy. Multiple Tier3 ISPs. So if any one fails or experiences a delay, the customer can still reliably get to the customer applications and information.
- Redundant Network Devices. SEAtS runs on redundant network devices (switches, routers, security gateways) to avoid any single point of failure at any level on the internal network.
- Redundant Cooling and Temperature. Intense computing resources generate a lot of heat, and thus need to be cooled to guarantee a smooth operation. SEAtS servers are backed by N+1 redundant chilled
water systems and temperature control systems.
- Geo Mirroring. Customer data can be mirrored in a separate geographic location for Disaster Recovery and Business Continuity purposes. Please note geo mirroring is only available on selected products and plans.
- Fire Prevention. The SEAtS data centres are guarded by industry standard fire prevention and control systems.
- Data Protection & Backup. User data is backed up periodically across multiple servers, helping protect the data in the event of hardware failure or disaster.
While we cannot list all the details of our infrastructure for security reasons, SEAtS security practices, policies and infrastructure are proven and reliable.
For more information about SEAtS and our Security, please contact our support team…