We’d like to explain how we store, process and secure that information.
You will always be up and running. Total Expert’s products run on best-in-class infrastructure at Rackspace data centers.
Each Rackspace data center is restricted by biometric authentication, keycards, and constant surveillance. This helps ensure that only authorized engineers have access to routers, switches and servers.
Rackspace’s power systems deliver conditioned power while protecting against sags, surges, swells, spikes and electrical noise. Uninterruptible power supplies (UPS) provide instant failover for continuity during a power outage, with on-site diesel generators prepared for extended outages.
Rackspace also has redundant HVAC systems for immediate failover. Additionally , their robust network includes nine backbone providers, allowing traffic to shift as needed to guard against single points of failure.
Your data is protected at all times. We take multiple steps to prevent eavesdropping between systems, as well as within our infrastructure.
All network traffic runs over SSL/HTTPS, the most common and trusted communications protocol on the internet.
Our virtual systems are replaced on a regular basis with new, patched systems. We’re relentlessly updating our systems to protect your data.
System configuration and consistency is maintained using a combination of configuration management, up-to-date images and continuous deployment.
We separate the database instances from application servers physically, and believe in the mantra of single function servers.
All login pages pass data via SSL/TLS for public and private networks, and only support certificates are signed by well-known Certificate Authorities (CAs).
All email and CRM credential-related data is encrypted while in transit using military-grade encryption.
Total Expert application passwords are hashed and even our own staff can’t retrieve them.
Total Expert offices are protected behind network firewalls from well-known security vendors and secured by keycard access.
Collaborative tools like email, document shares and calendars require two-factor authentication to mitigate phishing attacks.
Critical infrastructure passwords are locked in a virtual vault using AES256 encryption and can only be accessed by specific professionals within the organization.
We are always on the lookout for breaches and system interruptions. We’ve invested in detecting and responding to security events and incidents that impact infrastructure.
Security operations at Total Expert is responsible for ensuring the following:
Even though we’ve designed secure systems and procedures, we perform regular security tests to identify and remediate potential vulnerabilities.
We also conduct periodic penetration tests with an expert third-party vendor to help keep our applications safe and secure. These tests cover network, server, database and White Box testing for vulnerabilities inside Total Expert applications.
Logging is a critical component to Total Expert’s infrastructure. Logging is used extensively for application troubleshooting and investigating issues. We collect everything to form a complete audit trail of user activity.
Production data is mirrored to remote systems and automatically backed up daily to an offsite location.
We test our recovery procedures regularly by restoring from backup and simulating recovery of a production database.
Our backup retention varies by function and business impact, the minimum backup retention for all systems is seven days and goes up to 90 days.
Our production applications are deployed in multiple locations which can sustain the loss of an entire data center in a region.