ProofHQ provides state-of-the-art security to ensure that your data is safe at all times. ProofHQ understands that data security is your priority, which is why we have made it our priority. ProofHQ invests significant resources to keep our security infrastructure updated and current. As a result, we provide unsurpassed levels of security and privacy for our clients.
ProofHQ servers are co-located in a purpose-built facility, the location of which is not declared for security reasons. The facility provides 24-hour CCTV and physical security, palm readers, Boon Edam door entry (airlock type entry), redundant electrical generators, redundant data centre air conditioners and other back-up equipment designed to keep servers continually up and running.
ProofHQ's backbone includes 4 connections to separate telecom providers with automated switch over and DNS updating. Network perimeters are protected by custom-configured firewalls provided by leading security vendors. ProofHQ routinely penetration tests all aspects of the network infrastructure.
Users access ProofHQ only with a valid username and password combination. These are encrypted using SSL while in transmission. Users' credentials are verified before access to the ProofHQ applications is granted. Users are prevented from choosing weak or obvious passwords e.g. name, address or postcode.
ProofHQ's application security model prevents one ProofHQ customer from accessing another's data. This security model is applied to every data request and enforced for the entire duration of a user session.
Inside the perimeter firewalls, systems are safeguarded by network address translation, port redirection, IP masquerading, non-routable IP addressing schemes, etc. Exact details of these features are not disclosed for security reasons.
ProofHQ enforces tight operating system-level security by using a minimal number of access points to all production servers. All operating system accounts are password protected. Production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security. All operating systems are further secured by disabling and/or removing any unnecessary users, protocols and processes.
Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is limited to a number of points. Production databases do not share a master password database.
All data entered into the ProofHQ application by a customer is owned by that customer. ProofHQ employees/representatives do not have direct access to the ProofHQ production equipment, except where necessary for system management, maintenance, monitoring, and backups. ProofHQ employees/representatives who have access to the production equipment are rigorously background checked.
ProofHQ's applications reside on clustered servers ensuring the highest levels of availability. All customer data, up to the last committed transaction, is automatically backed up to a primary tape library on a nightly basis. Backup tapes are immediately moved to secure, fire-resistant off-site storage on nightly basis.
Our hosting facility has been designed to withstand many foreseeable catastrophic failures such as power outages, contractor mishaps, fire, flood, and theft. The site has power that is supplied on separate feeds entering from different sides of the building. It also has full UPS and generator capabilities in case of a power outage. In the unlikely event of a catastrophic site failure, ProofHQ has a comprehensive recovery plan in place. Additional hosting equipment at a separate location is capable of performing all hosting functions in the case of such an emergency, with sufficient capacity for customers until such time as ProofHQ's applications can be restored at their original location or at a replacement hardened hosting facility.
ProofHQ provides a best-of-breed security infrastructure comprising proven, cutting-edge technologies. ProofHQ delivers the most comprehensive security available, including firewalls and encryption devices sourced from leading Internet security vendors, configured by expert professionals, and rigorously tested before going into production.