topleft topright

Data Security

Data is secured behind a hardware firewall and system specific configurations. Both the firewall and individual servers have specifically set permissions. A visual representation of our current setup is below.

Network

Log in attempts are logged. If these attempts are abnormal or happen to frequently the system will suspend that users account and alert an administrator. During registration when a new user is selecting a password we display information on the strength of his or her password. This is to encourage secure password selection and ensures weak passwords do not lead to unauthorized access of data. User input data is escaped on input to stop injection of JavaScript and HTML that could have otherwise been re-displayed other users. Since user input is escaped the risk or SQL injection is removed.

Once a connection is established all request for database data must be made by the web server. The web server validates user authentication. It is not possible for connections directly to the database server from the cloud. Images and other files are not publicly accessible. These media files are severed per request of the user and only after the web application (MDI Log) has verified they have access to view the file in question.

Apache SSL encryption is used to provide secure HTTP traffic. All SSL traffic is encrypted using a resisted SSL certificate through Thawte (www.thawte.com). The HTTP traffic is secured using 128-bit encryption.

The hardware firewall that sits between the cloud and the MDI Log web application has been configured to only allow HTTP and HTTPS access publicly. SSH and FTP access is limited to a set of safe IP address used for server administration. These IP address, hardware, and users behind these address are controlled by ORA directly. The network activity is monitored and any abnormally heavy or out of the ordinary traffic causes an alert to system administrators.

Backups of system data are compiled incrementally nightly and full snapshots are taken weekly on non peak hours. Full snapshots are held in secure off site locations.

Tbottomh3

Victim identified in Saratoga murder-suicide - The Mercury News

The Mercury NewsVictim identified in Saratoga murder-suicideThe Mercury NewsOn July 17, she and her 81-year-old husband Robert Sandie were found shot to death inside their home on the 19000 block o...
Tbottomh3

EDC Las Vegas 2017 Death Ruled an Accident from Ecstasy Toxicity - EDM Life

EDC Las Vegas 2017 Death Ruled an Accident from Ecstasy ToxicityEDM LifeThe Clark County Office of the Coroner/Medical Examiner reported that Morse's death on June 17, 2017 was an accident from...
Tbottomh3

Medical Examiner Rules Death of Judge Sheila Abdus-Salaam a Suicide - The Root

The RootMedical Examiner Rules Death of Judge Sheila Abdus-Salaam a SuicideThe RootJudge Sheila Abdus-Salaam, who had the distinction of being the first African-American woman to serve on the New Y...
Mdilog by ORA Inc.