Safe and secure with premier encryption
Our world class technical team ensures your data remains yours alone.
SaaS and security
Inevitably, when an organisation’s data is kept on servers that are not under its direct control, concerns regarding security and availability of the service come up.
Although this is certainly a valid concern, the bottom line is that in most cases a service provider such as ourselves can provide better security than most organisations, because we are not hampered by having to manage a complex network with disparate hardware and a multitude of different applications. We only have to protect a single application. Furthermore, because of the deep level of expertise surrounding that application and the economies of scale, we can provide a higher level of security than would be available in an on-premises scenario.
Data centre security
Our servers are hosted in high security data centres managed by Amazon Web Services. More information about the security measures, processes and compliance certifications implemented by Amazon can be found at aws.amazon.com/security.
Operating system security
We only use AWS approved machine images to provision new servers. The operating system has been configured to provide the smallest possible risk footprint and is regularly checked to ensure that it meets the standards set by the Microsoft Baseline Security Analyzer and other automated scanning tools. This includes ensuring that the latest security patches have been applied, that anti-virus software is up to date and that only the required ports are open.
Both physical and logical firewalls are in place to ensure that only the appropriate traffic is allowed onto the server. We make extensive use of AWS security groups, roles and IAM to only allow appropriate traffic to and from servers.
Monitoring and active intrusion detection
We have continuous monitoring processes in place to detect potential security threats and to actively lock out IP addresses which exhibit suspicious behaviour (e.g. password guessing, Denial of Service).
PPO uses HTTPS (SSL) for all communication, backed by a 2048-bit Thawte digital certificate.
The application has been designed from the ground up with security in mind. In addition to logical access control mechanisms which are described in more detail below, specific measures have been incorporated into the application to prevent web based threats such as cross-site scripting, cross-site request forgery, script injection and SQL injection attacks.
A formal security review also forms part of each release to ensure that we have not introduced any features or functionality without considering the security implications.
Authentication of PPO users is done using a standard username and password scheme. PPO provides the ability to automatically e-mail users when they have been added to the system with a system generated password which they will have to change on first login.
User passwords are hashed using PBKDF2 with SHA-1, 1000 iterations and a 24-byte random salt. Each instance of PPO can be separately configured to meet the client’s specific requirements in terms of password policy, including expiry of passwords, re-use of old passwords, password complexity and retry counts.
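The scheme described above, as an added illustration that is not PPO's own code: PBKDF2-HMAC-SHA1 with 1000 iterations over a 24-byte salt drawn from the operating system's CSPRNG, a constant-time verification path, and a check for records whose iteration count has fallen below the current policy. The self-describing record layout (`pbkdf2_sha1$iterations$salt$hash`) is an assumption of this example, not PPO's storage format.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Parameters as stated on the page: PBKDF2 over SHA-1, 1000 iterations, 24-byte random salt.
PRF = "sha1"
ITERATIONS = 1000
SALT_BYTES = 24


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Derive a hash and return 'pbkdf2_sha1$iterations$salt_b64$hash_b64'.

    The record layout is an assumption of this example. Embedding the parameters
    lets verification keep working when the iteration count is raised later.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)  # fresh per-user salt from the OS CSPRNG
    if len(salt) != SALT_BYTES:
        raise ValueError(f"salt must be exactly {SALT_BYTES} bytes")
    derived = hashlib.pbkdf2_hmac(PRF, password.encode("utf-8"), salt, ITERATIONS)
    return "$".join([
        f"pbkdf2_{PRF}",
        str(ITERATIONS),
        base64.b64encode(salt).decode("ascii"),
        base64.b64encode(derived).decode("ascii"),
    ])


def verify_password(password: str, record: str) -> bool:
    """Re-derive with the parameters stored in the record and compare in constant time."""
    try:
        scheme, iters, salt_b64, hash_b64 = record.split("$")
        prf = scheme[len("pbkdf2_"):] if scheme.startswith("pbkdf2_") else ""
        salt = base64.b64decode(salt_b64, validate=True)
        expected = base64.b64decode(hash_b64, validate=True)
        candidate = hashlib.pbkdf2_hmac(prf, password.encode("utf-8"), salt,
                                        int(iters), len(expected))
    except ValueError:
        return False  # malformed record or unknown PRF: refuse rather than crash
    # compare_digest avoids leaking how many leading bytes matched via timing
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record: str, min_iterations: int = ITERATIONS) -> bool:
    """True if a stored record uses fewer iterations than the current policy requires."""
    parts = record.split("$")
    return len(parts) != 4 or not parts[1].isdigit() or int(parts[1]) < min_iterations
```

A login flow would call `verify_password`, and on success re-hash with `hash_password` whenever `needs_rehash` reports an out-of-date record.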
PPO also supports single sign-on using the SAML standard. For more information about this, please refer to the FAQ which can be accessed at the following URL: http://support.ppolive.com/entries/56094217
Authorisation of users is achieved with user groups (which determine what they can do) in combination with data filters (which determine what information they have access to). In addition, custom validation can be implemented to further restrict the ability of users to perform certain actions.
All data is encrypted at rest (AES256) as well as in transit (AES256/SSL).
Detailed audit logs are maintained of each user's actions to ensure accountability and to provide traceability. These logs are also used by automated monitoring systems to provide information about current activity and usage, and to identify anomalous behaviour. We have a sophisticated, event-based, distributed monitoring system in place which ensures that all events, regardless of the server on which they occurred, are logged to a central location within seconds of the event occurring.
As per the subscription agreement, all client data is treated as strictly confidential and will never be sold or otherwise wilfully disclosed. All backups are encrypted to protect against accidental or malicious disclosure. The logical separation of instances further mitigates the chance of accidental disclosure.
If a client decides to terminate their subscription, all data is logically deleted and through a process of data lifecycle management is eventually physically and permanently deleted after a set number of days. AWS also has specific processes in place to ensure that physical storage devices are safely and securely disposed of.