SECURITY OVERVIEW PCR understands that the confidentiality, integrity, and availability of our customers' information are vital to their business operations and our own success. We use a multi-layered approach to protect that key information, constantly monitoring and improving our application, systems, and processes to meet the growing demands and challenges of security. Secure data centers Our service is collocated in dedicated spaces at top-tier data centers. These facilities provide carrier-level support, including: Access control and physical security 24-hour manned security, including foot patrols and perimeter inspections Biometric scanning for access Dedicated concrete-walled Data Center rooms Computing equipment in access-controlled steel cages Video surveillance throughout facility and perimeter Building engineered for local seismic, storm, and flood risks Tracking of asset removal Environmental controls Humidity and temperature control Redundant (N+1) cooling system Power Underground utility power feed Redundant (N+1) CPS/UPS systems Redundant power distribution units (PDUs) Redundant (N+1) diesel generators with on-site diesel fuel storage Network Concrete vaults for fiber entry Redundant internal networks Network neutral; connects to all major carriers and located near major Internet hubs High bandwidth capacity Fire detection and suppression VESDA (very early smoke detection apparatus) Dual-alarmed, dual-interlock, multi-zone, pre-action dry pipe water-based fire suppression Secure transmission and sessions Connection to the PCR environment is via SSL 3.0/TLS 1.0, using global step-up certificates from Verisign, ensuring that our users have a secure connection from their browsers to our service Individual user sessions are identified and re-verified with each transaction, using a unique token created at login Network protection Perimeter firewalls and edge routers block unused protocols Internal firewalls segregate traffic between the application and database tiers Intrusion detection sensors throughout the internal network report events to a security event management system for logging, alerts, and reports Backups All data are backed up to tape at each data center, on a rotating schedule specified in your Agreement Testing and assessments PCR tests all code for security vulnerabilities before release, and regularly scans our network and systems for vulnerabilities. Security Monitoring Our Information Security department monitors notification from various sources and alerts from internal systems to identify and manage threats. Security Logs All salesforce.com systems used in the provision of the Salesforce Services, including firewalls, routers, network switches and operating systems, log information to their respective system log facility or a centralized syslog server (for network systems) in order to enable the security audits referred to above.
© Copyright 2016 ExploreDoc