Security
The following is technical data, to explain various security features of the system:
User security
Access to the CH Data system is provided in “Security Levels”, with more security required if CH Data will store sensitive information.
Level 1 security, used when anonymised data is stored in the CH Data system (no resident names or staff names).
Staff require a username and password and are forced to change it on a regular basis.
Level 2 security, used when non-sensitive information is stored within the system (such as training dates).
In addition to standard logons, staff members must only logon from approved IP addresses, on computers that have approved Anti-Virus software and an appropriate firewall.
Level 3 security, used where sensitive information of any kind is stored within the system (any resident records, or staff contact information).
In addition to Level 1 & 2 security measures, staff members must also utilise 2-factor authentication to gain access to CH Data.
Datacenter
Our CH Data servers are held in secure datacenters with the following:
- Certification – ISO 27001:2005 standard for Information Security
- Uptime – 24x7x365 monitoring
- Physical Security – biometric authentication on all datacenters with keycards & 24/7 surveillance
- Power – UPS protected with standby generators
- Cooling – N+2 redundant chillers with redundant water sources
- Networks – Nine backbone broadband providers, with multiple Cisco routers and automatic failover