IS Tools' systems are set up and managed to support mission-critical applications and we are committed to provide a reliable, available and secure enterprise-grade solution for you. At all times, IS Tools prioritizes security, integrity and performance.
IS Tools delivers an enterprise-grade service via strategically selected data centers worldwide.
Firewalls are utilized to restrict access to systems from external networks. By default, all access is denied and only explicitly allowed ports and protocols are allowed, based on business needs.
Port scanning is prohibited and every reported instance is investigated by our infrastructure provider. When port scans are detected, they are stopped and access is blocked.
Data is backed up from the primary data center to a different secure location every night. IS Tools maintains a comprehensive backup solution that includes website code, static files, and online backup of the database.
IS Tools' employees never access data on production servers unless required for support reasons. Support staff may sign into your application to view settings and data related to your support issue. Such access is granted on a temporary basis and support staff will only access data needed to resolve the issue.
IS Tools has implemented a comprehensive disaster recovery plan, taking into account a full loss of data center or destruction of IS Tools office. All application functionality and data at the latest backup will be restored at another data center and network traffic will be redirected to this location.
IS Tools is notified of vulnerabilities through internal and external assessments, system patch monitoring, and third party mailing lists. Major vulnerability is reviewed to determine if it is applicable to our environment, ranked based on risk, and assigned to the appropriate team for resolution.
Several processes for monitoring production servers are in place. Some examples of this are:
- Server monitoring
- Infrastructure monitoring
- Security monitoring
All data in customer applications is fully owned and managed by our customers. IS Tools does not claim ownership of customer data. Customers can export application and meta data (table and field configuration) at their discretion.
IS Tools utilizes an automated build and test system to ensure consistency, reliability, and to minimize risk of human error in the deployment process. There is a comprehensive process for testing before performing production releases, including both manual and automated tests.
IS Tools limits privileged access both to the information on the production servers and to the servers themselves strictly to its full-time operations and support team. Network layer controls ensure that privileged access is always enforced, using an encrypted tunnel. We protect your login from brute force attacks with rate limiting. All passwords are filtered from all our logs and are stored with one-way encryption. Login information is always sent over SSL.
Logical security is provided at multiple levels: network firewall, encryption, user credentials and fine-grained user permissions. Client access to the hosted server is entirely through IS Tools' application which is accessed over a HTTPS (encrypted HTTP) protocol. By default, all non-critical or unused services are disabled.
Users are required to use a username/password combination to gain access to any services. Passwords must meet the configurable complexity, re-use and expiry rules. We also allow you to use two-factor authentication, as an additional security measure when accessing your applications. Automatic systems are in use to prevent brute-force attacks on the login functionality.
Roles and permissions
Users accessing the application residing within IS Tools are individually created and managed by you. You have the possibility to view, modify or deactivate these user accounts. IS Tools has a highly advanced data permission setup, enabling you to set permissions on roles or users for administration forms, application configurations, record groups and individual data records.
The system allows logging data changes so that you can analyze which users that made changes to the data and when.