The risk of data breaches today is very real. Sadly, it’s a common occurrence to read about well-known companies whose systems were targeted and attacked, resulting in the actual or potential exposure of customer information and company data. In addition to the actual costs of dealing with the aftermath of a cyberattack, a data breach also means negative publicity which can impact your company’s ability to attract new customers and employees.
Treeno Software leverages years of industry experience and technical expertise in applying multiple layers of security controls throughout our information technology systems. Using several independent methods, this approach provides redundancy in security control systems in the event of a failure or discovery of a system vulnerability. Our security architecture has been designed with the objectives to optimize data integrity, provide effective monitoring and auditing tools, failover redundancy, and rapid emergency response mechanisms across all physical, technical and administrative controls.
Physical Security Controls
Your data is locked inside in our state of the art, interconnected physical data centers. Access to these facilities is restricted to biometric authentication and are under 24x7x365 surveillance. In addition to fortified physical controls, your data is stored geo-redundantly in Eastern and Central US locations, each equipped with uninterruptible power supplies and redundant HVAC systems providing added protection against significant business disruption caused by downtime.
System Security Controls
Treeno Software deploys managed firewall appliances with failover protection at the network perimeter further enhanced with independent system level firewalls that add redundancy and optimize system security. Traffic is restricted by application and port specific rules allowing us to block and audit threats in real time. We continually perform system vulnerability scans and remediation to protect your data according to the current threat landscape.
Treeno Software also limits access to all systems resources through the use of multiple levels of access control lists, carefully managed administrative accounts, and authentication complexity. Our qualified personnel have undergone screening and have adopted a strict adherence to organizational cyber security policies. Finally, we perform frequent account audits to track access, maintenance schedules, and service and support activities.
Application Level Security
Treeno Software uses OWASP standards in web application development. The use of strict code controls, a rigorous QA process, credentialed application penetration testing and remediation ensure that we deliver a highly secured web application.
In addition to security centric development, our EDM Solution provides multiple built in tools for application level protection. Organizational administrators can control data access through the implementation of permission-based rules down to the file level. The underlying data you capture will remain secure using security settings specific to entities, users, groups, documents, and the information fields identified for systems workflows. Finally, a comprehensive audit trail records all user activity, document-specific activity, and provides your administrators robust reporting features.
Transport Layer Security
The use of modern cryptographic protocols across multiple layers protects your data while in transit. Our Login landing page and all subsequent pages inside our application is exclusively served over TLS and denies the use of outdated encryption protocols. Secure client-server connections are established with the use of secure cookies and token-based session management. Server side caching of sensitive information is not allowed and we end user sessions upon idle time-outs. Treeno Software features an additional level of secure client-server connections by providing your organization administrators tools to restrict access by IP address, preventing user access from any other network but yours.
Most breaches do not traverse a firewall or exploit a server misconfiguration. They happen through human carelessness. Treeno Software has the highest level of commitment in safeguarding your data and our staff has participated in DoD level Information Assurance training. With a robust set of cybersecurity policies in place, we have documented regulations on how your data is handled at every level throughout the entire lifecycle. Using our existing policies, we can help your organization meet its own security and compliance objectives.
Data Security in Depth
As you can see, a strong data security strategy encompasses many levels of controls, each with layers of built in redundancy. Our geo-redundant storage facilities guarantee that the integrity of data is preserved. Our infrastructural failover systems ensure that businesses keep working without the suffering of lengthy downtimes. Our administrative policies regulate every level of data security and can be made available for your organization’s required vendor documentation. A layered defense in depth provides the protection that brings everyone a greater peace of mind.
Protect Your Company’s, Customers’, and Employees’ Information with Treeno’s EDM Solution
How do your current cybersecurity efforts stack up? Implementing Treeno Software’s EDM solution does more than provide cost-effective, efficient document workflows and retention; it can help limit your company’s risk of being the next victim of a costly and damaging cyber attack.
At Treeno Software, we take information security seriously. To learn more about EDM and to find out how easy it is to protect your company’s information, contact us today at 800-528-5005.