
UK Government Cloud Security Principles

594 bytes added, 15:04, 1 January 2016
At All n One we strive to provide the most professional, efficient and, most importantly, secure systems possible to our clients. This document describes All n One's compliance with the UK government cloud security principles - [https://www.gov.uk/government/publications/cloud-service-security-principles/cloud-service-security-principles UK Government Cloud Principles]

== Data in transit protection ==
All n One utilises SunGard's hosting environment in Parkwest Business Park, Dublin. In this environment SunGard uses Cisco 5510 firewalls for network protection and CentOS virtual load balancers that negotiate TLS, so we can offer TLS 1.2 to users on current browsers and older versions of TLS to legacy software (IE6 etc.). We also complete vulnerability tests to ensure All n One's cloud security. For additional information on bxp's end-to-end encryption please view the following link - [[Bxp_-_BER8_SER2_-_End_to_End_encryption_and_High_Availability]]
== Asset protection and resilience ==
All n One's client data is stored on our database servers in SunGard's secure Parkwest facility. The processes and procedures for SunGard facility entry include a sign in/sign out policy, so unauthorised individuals will not be permitted access to our servers. A visit or call to SunGard can only be authorised by four members of our staff. Storing our data in this secure facility means we are able to mitigate against tampering, loss, damage or seizure. We also utilise BitLocker encryption on our database servers so client data is encrypted (256-bit key). We are also fully compliant with the Irish Data Protection Act, and client data is deleted once it is older than our back-up storage scope. - [[Bxp_software_in_Sungard]] also [[Data_Protection_and_Data_Retention]]
All instances of the service are segregated by client. This means that one client's instance of the software is unable to get any data from another client's system. As the system is a SaaS solution, users of the same system will have to log in using different usernames/passwords. All events that occur from the users in a user account are stored in log files, so it is possible to review all colleague user activity through the audit trail functionality built into bxp. For more information on data segregation view - [[The_bxp_Infrastructure#Logical_Infrastructure]]
''The service provider should have a security governance framework that coordinates and directs their overall approach to the management of the service and information within it.''
 
All n One is 80% compliant with ISO 27001 and COBIT 5. All n One currently requires an external audit for validation. Company policies and procedures are stored on a secure internal network. All n One also supplies the public with a company wiki that provides information on the service. Our hosting infrastructure is ISO 27001 compliant, which shows that SunGard AS Ireland has developed and implemented a best-in-class information security management system (ISMS) for itself and its customers. For additional information on All n One's certification status view - [[Security_-_Start_Here#Operational_Procedures]]
All colleagues are screened through our HR interview process. All n One strives to provide its colleagues with the safest and most enjoyable environment, and all HR processes are compliant with the Data Protection Act of Ireland. All colleagues are trained in their field of expertise and are also required to complete a data protection course annually to mitigate against any accidental data loss or data exposure. For more information on our HR and operational processes view - [[Security_-_Start_Here#Operational_ProceduresHuman_Resource_Procedures]]
''Services should be designed and developed to identify and mitigate threats to their security.''
 
For all key bxp operations only All n One staff and SunGard are involved. Our software is hosted in a third-party data centre provided by SunGard. All other partners are not involved directly in the operation or provision of the data service. Our other partners, Continuum, NB1 Consult Limited and Sheehan & Associates Accountants, fulfil other roles such as sales and marketing. Additional information can be found here - [[All_n_One_Partners_and_Suppliers]]
Clients of the service are told to nominate a security champion for our SaaS service. This member of staff will be able to use enhanced security features to manage their instance of bxp software (All n One's software). With this the client should be able to manage authentication and separation of access control within the interface. The security champion will also be able to run reports on the actions of users on their instance of bxp through the audit trail functionality. [[User_Profiling_-_Start_Here]] bxp software also provides a means for data protection automation, which can be viewed from the following link - [[Data_Protection_and_Data_Retention]] We also provide a live security notice board and information resource for our clients to refer to in real time. [[Bxp_Client_Dashboard_Report]]
All n One utilises the latest in TLS technology to provide our clients with the most secure login possible. By utilising Google's password strength meter API we also have the ability to reject passwords not considered to be "Best" by Google's standards. We also provide the ability to lock down login attempts so that they only succeed from a particular IP address or range of IP addresses. In order for All n One to manage our hosted servers we have created a secure encrypted VPN connection with SunGard AS. The office in which the operations team works on bxp software development is also fully secured with the latest Intevo security system from Kantech, which was installed by ADT. - [[Bxp_-_Ballymount_Security]] There are a significant number of security configurations possible, which are detailed in our security matrix of options. [[CC-2-1_Security_and_Custom_Interface_configuration#Matrix]]
All n One completes vulnerability tests on all aspects of the service provided. This is done in order to find vulnerabilities that can then be mitigated against to provide a more secure service. We also provide an API for the software (BEAPI, the bxp API) which allows third-party systems to interact directly with bxp software. The BEAPI will not grant access by default. It requires EXPLICIT IP address declaration to grant any form of access or engage in any communication. [[Bxp_API]]
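The default-deny, explicitly declared IP allowlisting described above for both client logins and the BEAPI, shown as an added Python example that is not bxp's own code; the client identifiers, the policy table layout and the helper names are assumptions, and the addresses are constructed documentation ranges.

```python
import ipaddress
from datetime import datetime, timezone

# Constructed sample configuration (assumed layout): per-client allowlists, one for
# interactive logins and one for the API. Addresses are RFC 5737 documentation
# ranges, not real client networks.
CLIENT_ACCESS_POLICY = {
    "client-a": {
        "login": ["198.51.100.0/24", "203.0.113.10"],
        "api": ["203.0.113.10"],          # one explicitly declared integration host
    },
    "client-b": {
        "login": ["192.0.2.0/28"],
        "api": [],                        # nothing declared: the API stays closed
    },
}

def _networks(entries):
    # Accept bare addresses as well as CIDR ranges; strict=False tolerates host
    # bits in a range such as 198.51.100.5/24 by normalising to the network.
    return [ipaddress.ip_network(e, strict=False) for e in entries]

def is_source_allowed(client_id, channel, source_ip):
    """Default-deny check: True only if source_ip falls inside an explicitly
    declared address or range for this client and channel ('login' or 'api')."""
    policy = CLIENT_ACCESS_POLICY.get(client_id, {})
    try:
        addr = ipaddress.ip_address(source_ip)
    except ValueError:
        return False                       # malformed source is never allowed
    return any(addr in net for net in _networks(policy.get(channel, [])))

def audit_event(client_id, channel, source_ip, user):
    """Record the access decision in the shape an audit trail would store."""
    allowed = is_source_allowed(client_id, channel, source_ip)
    return {
        "time": datetime.now(timezone.utc).isoformat(timespec="seconds"),
        "client": client_id, "channel": channel, "user": user,
        "source_ip": source_ip, "result": "allowed" if allowed else "denied",
    }

if __name__ == "__main__":
    for event in (audit_event("client-a", "login", "198.51.100.77", "alice"),
                  audit_event("client-a", "api", "198.51.100.77", "integration"),
                  audit_event("client-b", "api", "192.0.2.3", "integration"),
                  audit_event("client-c", "login", "192.0.2.3", "bob")):
        print(event)
```

An address allowed for a client's logins is still denied for its API unless it was declared there too, and an unknown client or an undeclared channel is denied without any special casing.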
''The methods used by the service provider’s administrators to manage the operational service should be designed to mitigate any risk of exploitation that could undermine the security of the service.''
 
At All n One we review log files from the service and offer a full audit trail service to our clients for their instances. [[Bxp_-_Audit_Logs]] Our hosting provider SunGard also mitigates against any DDoS or networking attacks through their technical operations centre (TOC). All n One's security department also provides regular security updates to staff and services when available. For more information on our security department view - [[All_n_One_-_Departments_-_Security]]
''Consumers have certain responsibilities when using a cloud service in order for it to remain as secure as possible and for their data to be adequately protected.''
We provide a set of guidelines to promote the secure use of our service by its users. The following link has the guidelines for bxp usage - [[You_and_your_bxp]]