The security of your data is of the utmost importance at Vendor Wizard. We have partnered with industry leaders in order to provide an easily accessible and extremely secure environment for your data.
Vendor Wizard leverages the experience and strength of Rackspace, Inc. (NYSE:RAX) for hosting your vendor application. Rackspace is trusted by more than 90,000 business customers in more than 120 countries, managing more than 56,000 servers, 1,600,000 e-mail accounts, and 259,000 cloud hosting domains.
- Every data center's HVAC (Heating Ventilation Air Conditioning) system is N+1 redundant. This ensures that a duplicate system immediately comes online should there be an HVAC system failure.
- Every 90 seconds, all the air in our data centers are circulated and filtered to remove dust and contaminants.
- Our advanced fire suppression systems are designed to stop fires from spreading in the unlikely event one should occur.
- Should a total utility power outage ever occur, all of our data centers' power systems are designed to run uninterrupted, with every server receiving conditioned UPS (Uninterruptible Power Supply) power.
- Our UPS power subsystem is N+1 redundant, with instantaneous failover if the primary UPS fails.
- If an extended utility power outage occurs, our routinely tested, on-site diesel generators can run indefinitely.
Core Routing Equipment
- Only fully redundant, enterprise-class routing equipment is used in Rackspace data centers.
- Fiber carriers enter our data centers at disparate points to guard against service failure.
- We require that the networking and security teams working in our data centers be certified. We also require that they be thoroughly experienced in managing and monitoring enterprise level networks.
- Our Certified Network Technicians are trained to the highest industry standards.
The Rackspace hosting environment is designed to ensure the highest levels of security for customer data - covering all three critical security areas: physical security; system security; and operational security.
Physical Security - Includes locking down and logging all physical access to servers at our data center.
- Keycard protocols, biometric scanning protocols and round-the-clock interior and exterior surveillance monitor access to every data center provides superior protection against unauthorized entry.
- Only authorized data center personnel are granted access credentials to data centers. No one else can enter the production area of the datacenter without prior clearance and an appropriate escort.
- Every data center employee undergoes multiple and thorough background security checks before they're hired.
- Unmarked facilities help maintain a low profile.
- Physical security is audited by an independent firm.
System Security - Involves locking down customer systems from the inside, starting with hardened operating systems and up-to-date patching.
- System installation using hardened and patched Operating System.
- System patching configured to provide ongoing protection from exploits.
- Dedicated firewall and VPN services to help block unauthorized system access
- Data protection with managed backup solutions.
- Dedicated intrusion detection devices to provide an additional layer of protection against unauthorized system access.
- Distributed Denial of Service (DDoS) mitigation services based on a proprietary Rackspace PrevenTier™ system.
- Risk assessment and security consultation by professional services teams.
Operational Security - Involves creating business processes that follow security best practices, limiting access to confidential information and maintaining increased security over time.
- ISO17799-based policies and procedures, regularly reviewed as part of our SAS70 Type II audit process.
- All employees trained on documented information security and privacy procedures.
- Access to confidential information restricted to authorized personnel only, according to documented processes.
- Systems access logged and tracked for auditing purposes.
- Secure document-destruction policies for all sensitive information.
- Fully documented change-management procedures.
- Independently audited disaster recovery and business continuity plans in place.
Vendor Wizard leverages the enormous scale and state-of-the-art security of Amazon S3 for storage of your documents. Amazon, Inc. (NASDAQ:AMZN) has many years of experience in designing, constructing, and operating large-scale data centers. This experience has been applied to the AWS platform and infrastructure. Our Document Storage Security Features Include:
- Data Centers - AWS data centers are housed in nondescript facilities. Critical facilities have extensive setback and military grade perimeter control berms as well as other natural boundary protection.
- Physical Access - Building access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, state of the art intrusion detection systems, and other electronic means.
- Visitors and Staff - Authorized staff must pass two-factor authentication no fewer than three times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.
- Data Transfer - For maximum security, Amazon S3 is accessible via SSL encrypted endpoints. The encrypted endpoints are accessible from both the Internet and from within Amazon EC2, ensuring that data is transferred securely both within AWS and to and from Vendor Wizard clients.