topleft topright

Data Security

Data is secured behind a hardware firewall and system specific configurations. Both the firewall and individual servers have specifically set permissions. A visual representation of our current setup is below.

Network

Log in attempts are logged. If these attempts are abnormal or happen to frequently the system will suspend that users account and alert an administrator. During registration when a new user is selecting a password we display information on the strength of his or her password. This is to encourage secure password selection and ensures weak passwords do not lead to unauthorized access of data. User input data is escaped on input to stop injection of JavaScript and HTML that could have otherwise been re-displayed other users. Since user input is escaped the risk or SQL injection is removed.

Once a connection is established all request for database data must be made by the web server. The web server validates user authentication. It is not possible for connections directly to the database server from the cloud. Images and other files are not publicly accessible. These media files are severed per request of the user and only after the web application (MDI Log) has verified they have access to view the file in question.

Apache SSL encryption is used to provide secure HTTP traffic. All SSL traffic is encrypted using a resisted SSL certificate through Thawte (www.thawte.com). The HTTP traffic is secured using 128-bit encryption.

The hardware firewall that sits between the cloud and the MDI Log web application has been configured to only allow HTTP and HTTPS access publicly. SSH and FTP access is limited to a set of safe IP address used for server administration. These IP address, hardware, and users behind these address are controlled by ORA directly. The network activity is monitored and any abnormally heavy or out of the ordinary traffic causes an alert to system administrators.

Backups of system data are compiled incrementally nightly and full snapshots are taken weekly on non peak hours. Full snapshots are held in secure off site locations.

Tbottomh3

At state morgue, a backlog has grown amid opioid epidemic - Bluffton Today

At state morgue, a backlog has grown amid opioid epidemicBluffton TodayATLANTA (AP) — One by one on a single day earlier this month, coroners from eight counties contacted the Georgia Bureau of Inv...
Tbottomh3

PUBLIC SAFETY CRISIS: Bodies roll in, evidence stacks up at ... - Meridian Star

Meridian StarPUBLIC SAFETY CRISIS: Bodies roll in, evidence stacks up at ...Meridian StarHer dark blond hair hung, limp and dirty, on the gurney. Her fingers were black with fingerprinting ink, one...
Tbottomh3

Body found in pond ruled drowning - Pine Bluff Commercial

Body found in pond ruled drowningPine Bluff CommercialJefferson County Coroner Chad Kelley pronounced Miller dead at the scene, and Miller's body was sent to the Arkansas State Medical Examiner...
Mdilog by ORA Inc.