Securing your Data

Introduction

 

Data Security in the modern world is a serious subject, and is complex.

The data stored within your Navigator system needs to be secure from Hackers as well as other parties such as disgruntled employees and competitors.

You need to be sure that you and only you have access to your data at all times.

Data Security is something that needs continuous review to ensure that best practice is being applied at all times, and with the launch of the Navigator V2 we have taken the opportunity to upgrade to the latest best-practice approach to securing our customer’s data:-

Data Centre

The Navigator datacentre is fully ISO27001 registered and is audited regularly to ensure that it is so. This means that the datacentre has the relevant physical and virtual security.

Physical Security

Access to the datacentre is by access-fob only.  To gain access, a fob-owner (we have several at DMS) has to contact and request access, quoting their name, password and other security details after which they will be given a access for a timeslot only.

The Navigator hardware within the datacentre is covered by additional physical locks so that only Navigator staff can access the hardware.

The datacentre is monitored by cctv 24x7 and has priority emergency service response if required.

Connectivity

The datacentre maintains online 24x7x365 by having multiple levels of internet access – using different carriers, both physical (by cable) and wireless (satellite). 

Power

The datacentre has it’s own power sub-station onsite which is backed up by a large battery UPS system which is large enough to power the whole datacentre for sufficient time to allow the diesel generators on-site to kick in.

Fire Suppression

The datacentre has a sophisticated automated fire detection and suppression system which continuously samples the air in the centre searching for smoke – this will identify a fire before it starts and raise an alarm.   In case of fire, the data hall is filled with inert gas to put the fire out safely, without any damage to equipment.

 

Hardware Resilience

All hardware on side is duplicated on an “n+1” basis – this means that for every piece of hardware, there is extra or duplicated capacity to allow for failure – this applies to everything from Routers, Network Switches, Servers, Disk systems and backup.

Firewalls

Sophisticated firewalls within the datacentre manage network traffic into the centre, filtering out potential attacks and only allowing Navigator specific traffic through to customer facing servers.

 

 Encryption of All Data

 

All data between the customers server and the user of Navigator sitting at their PC is encrypted at all stages with sophisticated industry standard encryption.  In Version 2 of Navigator this now uses 256bit keys with associated security certificates which are almost impossible to crack.    In addition, all messages between the PC client and the Navigator database are secured by continuous verification of user name and password.

On the server, data can be encrypted when stored on the Navigator disk systems.  This means that even if there was a “hack” of the Navigator data centre, and a copy of the data was made – this copy would be encrypted and therefore useless.

Backup’s are similarly encrypted.

Backup

All Navigator data is backed up nightly, and 7 days of backups are always stored, along with a month end backup for every month for the previous 3 years.

Backups are stored online – at the data centre – for easy retrieval if required, and also copied each night to an off site backup.

Application Security

 

Version 2 of Navigator includes some enhanced User level security – including the ability to restrict which users can export data from Navigator.

In addition, the Navigator Web services will include additional security – including higher end 256 bit encryption with registered server certificates.

On the client side, all temporary user data is stored in encrypted format on the local PC.

User security has also been reviewed, including the ability to force users to have more complex passwords, force regular password change and also to lock user accounts after a number of failed login attempts.

 

 

Summary

With the launch of Navigator V2, security and encryption have been increased to ensure that a Navigator user’s data is secure at all times.  Whilst no system involving the internet and humans can be totally secure, the updates with Version 2 bring Navigator up to current security recommendations.