Security, Product Security, User Security and Data Center Security
OpenPro ERP Software is a leading provider of web-based solutions and is designed to be secure. OpenPro has security measures in place to help protect against the loss, misuse and alteration of data under OpenPro’s control. When the Services are accessed using Firefox, Netscape Navigator, or Microsoft Internet Explorer versions 4.0 or higher, Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help ensure data is safe, secure and available only to you. OpenPro also implements an advanced security method based on dynamic data and encoded session identifiers, and hosts the Services in a secure server environment using a firewall and other advanced technology to prevent interference or access from outside intruders. Finally, OpenPro requires unique user names and passwords that must be entered each time a customer logs on. These safeguards help prevent unauthorized access, maintain data accuracy and ensure the appropriate use of data.
OpenPro takes proactive measures to ensure that the application is safe from Internet attacks. All of the servers are behind a firewall to prevent users from accessing them other than by specifically allowed protocols and methods. Additionally, securely designed segregated networks, load balancers with “denial of service” countermeasures, and application-layer filters create layers of protection against malicious acts.
= 128-bit Secure Socket Layer Data Encryption: from the moment you or our employees access the OpenPro application login screen, your data is protected. Your unique ID and password, as well as all data in the subsequent connection are encrypted with 128-bit SSL, the same level of transaction security currently utilized by some of the world’s largest web banking and commerce businesses.
= Continual Monitoring
OpenPro employs a battery of scans and intrusion detection systems (IDS) to identify any vulnerability within our network. OpenPro will block unauthorized attempts to access our data center, and log and investigate any unauthorized connection attempts.
= Complete Audit Trail
OpenPro continuously maintains a complete audit trail. It tracks each transaction by the user login details and provides a timestamp for each event.
= Testing and Maintenance
Just like the systems they protect, the processes that govern OpenPro availability are continuously tested, improved and maintained. Process management is governed by industry best-practices. OpenPro subjects all of its processes and procedures to regular third-party audits as part of its commitment to quality. All transactions performed are encrypted for your protection with industry-leading safety and predictability. OpenPro has security measures in place for the services to help protect against the loss, misuse and alteration of the data under OpenPro control. Secure Socket Layer (SSL) technology protects information using both server authentication and data encryption to help ensure data is safe, secure and available only to you.
The OpenPro data center is collocated in a secure facility with OpenPro-only access for the OpenPro collocation. Security features are designed to deter, detect, and deny access to unauthorized parties.
= Data Center Security
The OpenPro data center ensures security and redundancy across its operations to provide high levels of security for both the physical and electronic infrastructure of the network. The network was built to meet or exceed commercial telecommunications standards worldwide for availability, integrity and confidentiality. Security features are designed to deter, detect, and deny access to unauthorized parties.
= Backup Power Systems-Uninterruptible Power Sources (UPSs)
OpenPro has designed a solution for continuous power. The UPSs are provisioned in an N+1 configuration and support all customer AC equipment. Each UPS battery system is designed to carry full load for 15 minutes without a generator. Emergency generators typically provide back-up power in less than 10 seconds and are sized to support the entire facility at maximum load.
= Earthquake Preparedness
The OpenPro data center complies with local and national earthquake codes and standard practices in all seismically classified geographical areas. Modifications to facilities include but are not limited to the following:
– Seismic bracing for the raised floor
– Seismic bracing for cabinets
– Seismic bracing for electrical switchboards
– Seismic bracing for overhead distribution trays and troughs
– Seismic bracing for the piping and associated supports
– Redundant DC power plants that are also seismically braced
= Redundant Internet Connection
The OpenPro data center has three 1 GBPS pipes, designed such that any two connections can simultaneously fail without any impact on user experience. This redundancy ensures reliable connectivity with no data transmission bottlenecks to or from the data center.
=Sophisticated Sprinkler Design
The fire protection sprinkler system in the OpenPro data center is a double-interlocked pre-action system designed to provide the best security against accidental discharge of water from the sprinklers. The pre-action system interfaces with a fire alarm system. Water will discharge only from the sprinklers that have been subjected to enough heat to melt the fusible link on the water head. This fusible link is the second interlock in the system.
= HVAC Systems
All of the air conditioning equipment is furnished to support typical computer room equipment. Steam generating humidifiers and electric reheat coils are provided to control humidity. The collocation room has an 18-inch access flooring system, which is dedicated for air distribution only.
= Physical Access to the OpenPro Data Center
The OpenPro secure center collocated within a guarded third party data center. The physical structure maintains stringent physical security policies and controls to allow unescorted access to the collocation areas for pre-authorized OpenPro personnel. The first layer of security includes Photo ID proximity Access Cards. Proximity card reader devices are located at major points of entry and are used to secure critical areas within the overall data center. All perimeter doors are alarmed and monitored. Authorized customers and vendors are required to have a validated palm scan to enter the collocation area. The access control system continuously monitors and logs all entry ways. Access records are stored for reference.