Product

Security

AppWise understands that the confidentiality, integrity, and availability of our customers' information are vital to their business operations and our own success.

appwise-icon100x100-security.svg#asset:2

The security of your data is our highest priority 

We use the best tools and engineering practices available to build and maintain AppWise. We utilize a multi-layered approach to protect key information, constantly monitoring and improving our application, systems, and processes to continually protect against emerging security challenges.

Secure Data Centers

Our service is collocated in top-tier data centers. These facilities provide world-class support, including:

Access control and physical security

  • 24-hour manned security, including foot patrols and perimeter inspections
  • Biometric scanning for access
  • Dedicated concrete-walled Data Center rooms
  • Computing equipment in access-controlled steel cages
  • Video surveillance throughout facility and perimeter
  • Building engineered for seismic, storm, and flood risks
  • Tracking of asset removal

Network

  • Concrete vaults for fiber entry
  • Redundant internal networks
  • Network neutral; connects to all major carriers and located near major Internet hubs
  • High bandwidth capacity

Fire detection and suppression

  • Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression
  • VESDA (very early smoke detection apparatus

Secure Networks

Secure transmission and sessions

  • Connection to the AppWise environment is via TLS cryptographic protocols, using global step-up certificates, ensuring that our users have a secure connection from their browsers to our service
  • Individual user sessions are identified and re-verified with each transaction, using a unique token created at login

Network protection

  • Perimeter firewalls and edge routers block unused protocols
  • Internal firewalls segregate traffic between the application and database tiers
  • Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports
  • A third-party service provider continuously scans the network externally and alerts changes in baseline configuration

Recovery

Disaster Recovery

  • The AppWise service performs real-time replication to disk at each data center, and near real-time data replication between the production data center and the disaster recovery center
  • Data are transmitted across encrypted links

Backups

  • All data is backed up at each data center, on a rotating schedule of incremental and full backups
  • Backups are not transported offsite and are securely destroyed when retire
Security Recovery Illustration
Security Assessment Illustration

Assessment

Internal and Third-party testing and assessments

AppWise regularly scans our network and systems for vulnerabilities. Third-party assessments are also conducted regularly:

  • Application vulnerability threat assessments
  • Network vulnerability threat assessments
  • Selected penetration testing and code review
  • Security control framework review and testing

Security Monitoring

Our Information Security department monitors notifications from various sources and alerts from internal systems to identify and manage threats.

Technology

AppWise maintains a comprehensive array of technical measures to protect the AppWise service and offers a robust set of customer-controlled settings to further heighten privacy and security protection.

Default Privacy and Security Features

  • Application features that protect customer data:
    • Customers passwords are not accessible by AppWise personnel.
    • Connection to the AppWise service is via secure socket layer/transport layer security (SSL/TLS), ensuring that our customers have a secure connection to their data. Individual user sessions are uniquely identified and re-verified with each transaction.
  • Logical separation of customer data:
    • Multitenant security controls include unique, non-predictable session tokens, configurable session timeout values, password policies, sharing rules, and user profiles.
    • The AppWise service supports delegated authentication.
    • Hardware and software configurations are designed to provide secure logical separations of customer data that permit each customer to view only its related information.
  • Network security measures:
    • Intrusion-detection sensors
    • Security event management system
    • Continuous external vulnerability scanning
    • Multiple layers of external firewalls
  • Redundancy and Scalability: 
    The AppWise service is highly scalable and redundant, allowing for fluctuation in demand and expansion of users while greatly reducing the threat of long-term outages. Load-balanced networks, pools of application servers, and clustered databases are features of our design.
  • Disaster Recovery: All customer data is stored in secure data centers and is replicated over secure links to a disaster recovery data center. This design provides the ability to rapidly restore the AppWise service in the case of a catastrophic loss.
  • Backups: In addition to our disaster-recovery capabilities, customer data is also backed up to tape in a separate data center. Tapes are not transported offsite from this data center, reducing the risk of loss.
  • Intrusion-detection sensors
  • Security event management system
  • Continuous external vulnerability scanning
  • Multiple layers of external firewalls
  • Multitenant security controls include unique, non-predictable session tokens, configurable session timeout values, password policies, sharing rules, and user profiles.
  • The AppWise service supports delegated authentication.
  • Customers passwords are not accessible by AppWise personnel.

Continuous external vulnerability scanning

Customer-Controlled Privacy and Security Settings

  • Customers may control access to AppWise via their existing SAML-based Identity and Access Management (IAM) infrastructure.
  • AppWise is pre-integrated with leading Single-Sign On (SSO) solutions like Okta and OneLogin.
  • Enterprise customers may configure AES-256 encryption keys to encrypt their search index with a key that is managed externally and independently from the AppWise environment.

security-technology-illustration-30.svg#

Try AppWise Professional free for 14 days