An effective security strategy is essential to the success of any organization, and ensuring total data security is a non-negotiable requirement when selecting a platform service provider. To exceed the requirements of our customers, rCloud has been developed using a comprehensive, multi-layered approach designed to deliver exceptional availability, performance, and security.
rCloud® is hosted in a Tier 3, SAS 70 Type II audited data center, and our systems and infrastructure have been designed from inception to maximize data security and information availability. Our documented and reviewed internal control framework meets SAS 70 Type II certification and HIPAA data management requirements. rCloud tightly defines business processes that adhere to security best practices, limits access to confidential information, and maintains tight information security across our entire business structure.
We carefully select and vet our professional team members. The rCloud Support and Operations teams are highly trained to provide the highest level of service while satisfying stringent data privacy requirements.
rCloud® is engineered to maximize security and availability, offering 99.9% uptime target.
Physical Security - Data Center
Doyenz is deployed in modern Tier 3 data centers selected to:
- Meet or exceed SAS 70 Type II and HIPAA best practice requirements
- Minimize or eliminate the risk of natural disaster
- Optimally provide for the intensive power and cooling requirements of high volume platform applications
- Deliver redundant utilities, including electricity, water, voice, and data, with underground lines entering different areas of the buildings
- Ensure anonymity, housed in unsigned and windowless building, disguised with natural landscaping
- Provide external physical barriers, including crash-proof bollards, a physical buffer zone, explosive-proof external walls, and retractable crash barriers at vehicle entry points
- Mantraps, access control systems, additional bollards, and redundant surveillance systems
- Surveillance cameras at all entrances and exits and at every access point throughout the buildings
- Surveillance footage digitally recorded and stored offsite
- Heating, ventilation, and air-conditioning systems offer recirculation capabilities to protect from biological or chemical attack or heavy smoke due to adjacent fire
- Air quality is continuously monitored for chemical, biological or radiological contamination
- Building access is tightly controlled with two-factor authentication, physical sign-in, and all facilities are staffed 7x24x365
Authentication and Encryption
- rCloud® access requires a registered email address and password combination
- Passwords are stored in encrypted format
- Hierarchical rights management capability allows for System Administrator, Distributor, Partner, and Client report, dashboard, and security levels
System and Operational Security
- System installation using hardened, patched operating systems
- System patching configured to provide ongoing protection from exploits
- Redundant firewalls to block unauthorized system access
- Data center access limited to vetted Operations team members
- Biometric scanning for controlled data center access
- Security camera monitoring at all data center locations
- Physical security audited by an independent firm
- Intrusion detection devices to provide an additional layer of protection against unauthorized system access
- Continuous risk assessment and security consultation by security professionals
Multiple copies of backup image data are maintained, including an offsite encrypted archival instance