Four-Point Security
Epiphany's multi-faceted security policy is designed to ensure that your data is secure, available and resilient.
Application Security
- Best practices used in the random generation of initial passwords
- All data encrypted during transmission using independently generated root SSL certificates
- Strictly enforced user access rights to view, edit and delete data
- Full audit trail of key data changes
- Support-ticket history available for review at dedicated support portal
Physical Security1
- Data centre access limited to data centre technicians
- Biometric scanning for controlled data centre access
- Security camera monitoring at all data centre locations
- 24x7x365 onsite staff provides additional protection against unauthorised entry
- Unmarked facilities to help maintain low profile
- Physical security audited by an independent firm
System Security1
- System installation using hardened, patched OS
- System patching configured to provide ongoing protection from exploits
- Dedicated firewall and VPN services to help block unauthorised system access
- Data protection with managed backup solutions
- Optional, dedicated intrusion detection devices to provide an additional layer of protection against unauthorised system access
- Distributed Denial of Service (DDoS) mitigation services
- Risk assessment and security consultation by professional external consultants
Operational Security1
- ISO17799-based policies and procedures, regularly reviewed as part of SAS70 Type II audit process
- All employees trained on documented information security and privacy procedures
- Access to confidential information restricted to authorised personnel only, according to documented processes
- Systems access logged and tracked for auditing
- Secure, encrypted access for upgrades and maintenance
- Fully documented change-management procedures
- Independently audited disaster recovery and business continuity plans in place for data centre and support services
1 Applies to managed hosting only
