Security
Orcas Net has established a multi-faceted security protocol to ensure data integrity. Security measures are designed to address both unauthorized access and inadvertent damage to data and systems.
Information Classification
A multilevel data security system is used to assign data security levels based on the sensitivity of the data. This permits simultaneous access to the dataVISION system by users with different security clearances. Each user can access only appropriate information, based on the user's need-to-know. Users are prevented from obtaining access to information for which they lack authorization. Authorization is verified using a system of passwords. Password changes are forced on a regular basis.
Employee Responsibility
Our Employee Security Policy defines security requirements and accountability.
Threat Assessment
We perform regular threat assessments to determine exposure to exploitation, or any circumstance or event that could cause harm to information or systems.
Elements of Security
The major mechanisms that protect the dataVISION system and data are:
-
Network Control Mechanisms
Router filtering, firewalls, remote access servers -
Application Access Controls
Authentication, single sign-on, security aware applications, DBMS security -
Platform Access Controls
Intrusion detection, compliance management -
Physical Access Controls
Site-specific facility management procedures -
Reliability and Fault Tolerance
From RAID disk systems to mirrored servers, uninterruptible power to redundant data circuits, our network and systems are designed for maximum availability and reliability.
Security Policy Monitoring & Compliance
The security policy is updated frequently, and regular audits are conducted by AccuVant Inc. to ensure compliance with ISO 17799 standards for information security.