Security Policy

PHYSICAL SECURITY


All Candor servers hosted in a highly secure facility.

Layered security implementation enforced at each facility including locking.

Mechanism, identification and authentication procedures.

Visitors and vendors escorted at all times.

Redundant air conditioning system.

Intruder alarms and fire system alarms, monitored 24 hours a day.

Dual-zone, dual sensor, gas-based suppression system.

Floors, racks, and other support systems have seismic reinforcements.

Redundant power system consists of UPS (uninterruptable power supply) and a high- capacity diesel generator that is wired via an automatic transfer switch.


ELECTRONIC SECURITY

Encrypted passwords.

Continuous authentication.

Available encrypted file upload (SSL).

Application layer security, including:
URL level security.
All digital certificates signed by a trusted Certifying Authority.
Public/private key encryption (to be released soon).
Layered security implementation enforced to protect various features and functionality of data environment.

High availability firewall protection.

Daily backups, including offsite storage.

Backups stored in a Fire and E.M.P. proof facility.

Regular third-party security audits.


LEGAL

Non-Disclosure Agreements signed by all employees and contractors.