Open main menu

Changes

UK Government Cloud Security Principles

154 bytes removed, 10:05, 26 May 2015
no edit summary
''As the client data we store is held in Sungard's secure Parkwest facility in our database servers. The processes and procedures for SunGard facility entry include a sign in/sign out policy so unauthorised individuals will not be permitted access to our servers. A visit to SunGard can only be authorised by two members of our staff.. Our data is stored in this secure facility which means we are able to mitigate against tampering, loss, damage or seizure. We also utalize BitLocker encryption on our database servers so client data is encrypted. (256-bit key). We are also fully compliant with the Irish data protection act and client data is deleted once it is older then our back-up storage scope.''
Further information = [http://www.bxpsoftware.com/wixi/index.php?title=Data_Protection_and_Data_Retention Data Protection and Data Retencion]
''All n One is 80% compliant with ISO 27001 and Cobit 5. All n One currently requires an external audit for validation. Our hosting infrastructure is ISO 27001 complaint which shows that SunGard AS Ireland has developed and implemented a best-in-class information security management system (ISMS) for itself and its customers.''
Further information = [http://www.bxpsoftware.com/wixi/index.php?title=Bxp_software_in_Sungard bxp software in Sungard]
''All n One is 80% compliant with ISO 27001 and Cobit 5. All n One currently requires an external audit for validation. Company policies and procedures are stored in a secure internal network. All n One also supplies the public with a company wikipedia that provides information on the service. Our hosting infrastructure is ISO 27001 complaint which shows that SunGard AS Ireland has developed and implemented a best-in-class information security management system (ISMS) for itself and its customers.''
Further information = [http://www.bxpsoftware.com/wixi/index.php?title=Security_-_Start_Here Introduction to bxp security]
''All n One complete vulnerability scans on our service and network in order to find issues to mitigate against. This provides us with the high level of security expected from Industry standard.''
Further information = [http://www.bxpsoftware.com/wixi/index.php?title=Bxp_Security_and_Testing bxp security and testing]
''Clients of the service are told to nominate a security champion for our SaaS Service. This member of staff will be able to use enhanced security features to manage their instance of bxp software (All n One's software). With this the client should be able to manage authentication and seperation of access control within the interface.''
Further information = [http://www.allnone.ie/whitepapers/System%20Access%20Management.pdf bxp system access management]
''All n One complete vulnerability tests on all aspects of the service provided. This is don’t in order to find vulnerabilities that can then be mitigated against to provide a more secure service.''
Further information = [http://www.bxpsoftware.com/wixi/index.php?title=Bxp_Security_and_Testing bxp security and testing]
''All n One provides a full audit trail to clients of actions completed on their instance of the service.''
Further information = [http://www.bxpsoftware.com/wixi/index.php?title=Bxp_-_Audit_Logs bxp audit logs]
Thomas Glennon
343
edits
Retrieved from ‘https://www.bxpsoftware.com/wixi/index.php/Special:MobileDiff/4325