Security and Customer Data Protection

The security, integrity, and availability of your data are our top priorities. We know how vital it is to your business success. To ensure you never have to worry, we use a multi-layered approach to protect and monitor all your information.

Customer Data Protection

IT GEEK is a multi-tenant Software-as-a-Service (SaaS) product hosted on a virtual private cloud (VPC).

  • Customer data resides in a shared physical environment but is logically separated to ensure secure access
  • IT GEEK can be accessed over the Internet through secure, encrypted connections (TLS 1.2) using high-grade 2048-bit certificates
  • Individual user sessions are protected by unique session tokens and re-verified on each transaction
  • Customers can control the session security settings for people using their instance
  • Login credentials and access tokens are encrypted at rest

Application Security

IT GEEK tests all code for vulnerabilities before each release, and regularly holds security reviews.

  • Security reviews and threat assessments are based on the Open Web Application Security Project (OWASP)
  • IT GEEK services are based on proven and secure Open Source solutions and custom applications
  • Third-party security assessments are held on a regular basis to detect vulnerabilities and potential threats

Administrative Controls

  • Access to customer data is restricted to authorized personnel only, according to documented processes
  • Access to application servers is limited to authorized personnel only

Security Monitoring

  • The engineering team monitors internal and external security events and implements corrective actions
  • Application logs are monitored and analyzed automatically. Alerts about critical events and abnormal activities are automatically sent via email and push notifications to relevant members of the team
  • Additional controls are in place to ensure that login credentials and tokens are excluded from application logs

Physical and Environmental Security

The IT GEEK data center is hosted on AWS West EU. The data-center provider maintains environmental security controls such as:

  • 24×7 onsite protection against unauthorized entry
  • Biometric scanning for controlled data center access
  • Security camera monitoring
  • Redundant HVAC (Heating, Ventilation, and Air Conditioning) units, which provide consistent temperature and humidity within the raised floor area
  • Sensors to detect environmental hazards, including smoke detectors and floor water detectors
  • Raised flooring to protect hardware and communications equipment from water damage
  • Fire detection and suppression systems (dry-pipe, pre-action water-based)
  • Redundant (N+1) UPS power subsystem with instantaneous failover

Service Availability Controls

  • Every component in the application infrastructure is redundant. There are at least two of each component that processes the flow and storage of data. All network devices, including firewalls, load balancers, and switches, are fully redundant and highly available
  • Our primary database resides on Amazon Aurora, which offers greater than 99.99% availability. It has fault-tolerant and self-healing storage built for the cloud that replicates six copies of your data across three Availability Zones. Aurora continuously backs up data and transparently recovers from physical storage failures; instance failover typically takes less than 30 seconds