Client Data Security

We understand that in the course of developing custom software the customer may have to share some sensitive information with us. At PhiStream, maintaining the inviolability of customer data is stressed at all levels. Sensitive customer information is shared with PhiStream’s personnel involved in the process strictly on a need-to-know basis, and the customer is told how such information is being shared and secured. All our employees sign confidentiality and non-disclosure agreements.

Server Security
  • The servers on which the code base, database and the customer documents reside are secured in all possible ways.
  • We access the servers only with Secure Shell (ssh) on non-standard ports and have telnet disabled.
  • The root access is disabled.
  • The IP addresses from which users can connect to the servers are restricted.
  • All the sensitive data stored in the database, like SSN, credit card numbers, account information etc., is encrypted.
  • Only the personnel directly responsible for maintaining the application have access.
  • We have a very stringent policy of periodic password changes; passwords are also changed when there is any reassignment of duties related to server maintenance.
  • We ensure that no one person has all the passwords required to reach sensitive customer data.
  • All activity on the server is logged and monitored closely.
  • Multiple firewalls are configured on the server and access to all but necessary ports is disabled.
  • The server is regularly updated with the latest security patches and anti-virus definitions.
Workstation Security

All the workstations used at PhiStream have the latest security patches and the latest anti-virus definitions installed as soon as they become available. We have a compliance policy for which regular automated and manual checks are performed. These include the following:

 

        Copyright PhiStream Inc. 2004 - 2007