World Class Security
We worry about it so you don't have to
EZFacility provides state-of-the-art
security to ensure that your customer data is never compromised. At
EZFacility, we know that security is crucial to you — that's why it's
our top priority. We devote significant resources to continually develop
our world-class security infrastructure. The result: We deliver unsurpassed
security and privacy of our customers' information.
When you sign up with EZFacility, you'll enjoy the protection and
peace of mind that only our world-class security infrastructure can
provide.
Security measures
Our security measures include the following:
- A dedicated, expert team of experienced, professional engineers
and security specialists
- Around-the-clock protection of data and systems
- Continuous deployment of proven, up-to-date firewall protection,
SSL encryption, and other security technologies
- Ongoing evaluation of emerging security developments and
threats
- Complete redundancy throughout the entire EZFacility infrastructure
- PCI Certified (For secure payment processing)
- SAS 70 Type 2 Certified Datacenter
Security Details
Physical Security
Our production equipment is collocated at a facility that provides
24-hour physical security, palm print and picture identification,
redundant electrical generators, redundant data center air conditioners, and other backup equipment designed to keep servers continually up and running.
Perimeter Defense
The network perimeter is protected Cisco Pix firewalls and monitored by intrusion detection systems - all sourced from industry-leading security vendors. In addition, EZFacility monitors and analyzes firewall logs to proactively identify security threats.
Data Encryption
EZFacility leverages the strongest encryption products to protect
customer data and communications, including 128-bit THAWTE SSL Certification. The lock icon in the browser indicates that data is fully shielded from access while in transit.
User Authentication
Users access EZFacility only with a valid username and password
combination, which is encrypted via SSL while in transmission.
Application Security
Our robust application security model prevents one customer
from accessing another's data. This security model is reapplied
with every request and enforced for the entire duration of a user
session.
Internal Systems Security
Inside of the perimeter firewalls, systems are safeguarded
by network address translation, port redirection, IP masquerading,
non-routable IP addressing schemes, and more.
Operating System Security
EZFacility enforces tight operating system-level security by
using a minimal number of access points to all production servers.
We protect all operating system accounts with strong passwords,
and production servers do not share a master password database.
All operating systems are maintained at each vendor's recommended
patch levels for security and are hardened by disabling and/or removing
any unnecessary users, protocols, and processes.
Database Security
Database access is controlled at the operating system and database connection level for additional security. Access to production databases is limited to a number of points, and production databases do not share a master password database.
Server Management Security
All data entered into the EZFacility application by a customer
is owned specifically by that customer. Our employees do not have
direct access to the EZFacility production equipment, except where
necessary for system management, maintenance, monitoring, and backups.
Reliability and Backup
All networking components, SSL accelerators, load balancers,
Web servers, and Database servers are configured in a redundant
configuration. All customer data is stored on a primary database
server that is mirrored with a backup database server for redundancy.
All customer data, up
to the last committed transaction, is automatically backed up on
a nightly basis.
