Hosting a server at a physically secure data centre with redundant and reliable supplies of power, cooling and internet is only the first layer in protecting your data. The next layer up is the logical security of the virtualised servers used to deliver the product.
ValuePRO server side systems primarily run on Windows Server 2012 R2 Data Centre Edition. The systems are auto patched with security updates and rebooted at least weekly in line with industry best practices. We run anti-virus products on our equipment that are regularly automatically updated with the latest viral definitions.
Protecting all of our servers and our ValuePRO support offices and development environments are enterprise and defence spec Firewalls from Cisco and CyberRoam. By default at our data centre all ports to all servers other than port 80 (HTTP) and 443 (HTTPS) are blocked.
Specific firewall rules are enabled for specific services on specific ports and customer whitelisted IPs where we need to expose non-HTTP or HTTPs traffic, such as customers who have direct connectivity to their SQL Server instance (Port 1433) and/or the rSync Service (Port 5800). We will automatically retire firewall rules if we see no activity on a port connection for a given period of time.
Access to remote desktop sessions is restricted to specific IP ranges associated to ValuePRO office locations.
ValuePRO's infrastructure processes thousands of inbound email messages per hour. To prevent these email messages from infecting our servers with malware or viruses as well as simply to filter out spam, ValuePRO doesn't actually receipt any email directly onto its own infrastructure. We run Symantec Cloud to process all of our inbound email on the MessageLabs infrastructure. Prior to an email being delivered via a whitelisted route from MessageLabs, it will have been pre-filtered for spam, DDOS mail attacks will have also been dealt with and attachments will have been scanned and virus checked.
With Symantec Cloud Mail Filtering, more than a decade has been spent delivering and continuously developing a highly accurate, effective, and dependable cloud service for securing and managing email. The security intelligence and technology is backed by a comprehensive and meaningful SLA and supported by a global team of email security experts available and accessible 24 hours a day, seven days a week.
The Email Security SLA provides an aggressive set of metrics by which the service is monitored. The SLA defines the following performance targets:
- Antivirus effectiveness—100 percent protection against known and unknown email viruses \L
- Antivirus accuracy—No more than 0.0001 percent false positives \L
- Antispam effectiveness—99 percent spam capture (95 percent for email with double-byte characters) \L
- Antispam accuracy—No more than 0.0003 percent false positives \L
- Email delivery—100 percent email delivery \L
- Latency—Average email scanning time within 60 seconds \L
- Availability—100 percent service uptime \LThe Global Email Security team tracks the performance closely to understand what it takes to meet these high standards for service quality and openly publish the results on the Symantec website. \L
DDOS & DNS
We have highly effective Anti-DDOS measures in place at each of our data centres and inbound internet connectivity, including company owned defence grade layer 3 filters.
We also have a very secure, scalable and globally distributed DNS service via AWS Route53 and are authorised resellers of the TPP Wholesale domain name registrar.