topleft topright

Data Security

Data is secured behind a hardware firewall and system specific configurations. Both the firewall and individual servers have specifically set permissions. A visual representation of our current setup is below.

Network

Log in attempts are logged. If these attempts are abnormal or happen to frequently the system will suspend that users account and alert an administrator. During registration when a new user is selecting a password we display information on the strength of his or her password. This is to encourage secure password selection and ensures weak passwords do not lead to unauthorized access of data. User input data is escaped on input to stop injection of JavaScript and HTML that could have otherwise been re-displayed other users. Since user input is escaped the risk or SQL injection is removed.

Once a connection is established all request for database data must be made by the web server. The web server validates user authentication. It is not possible for connections directly to the database server from the cloud. Images and other files are not publicly accessible. These media files are severed per request of the user and only after the web application (MDI Log) has verified they have access to view the file in question.

Apache SSL encryption is used to provide secure HTTP traffic. All SSL traffic is encrypted using a resisted SSL certificate through Thawte (www.thawte.com). The HTTP traffic is secured using 128-bit encryption.

The hardware firewall that sits between the cloud and the MDI Log web application has been configured to only allow HTTP and HTTPS access publicly. SSH and FTP access is limited to a set of safe IP address used for server administration. These IP address, hardware, and users behind these address are controlled by ORA directly. The network activity is monitored and any abnormally heavy or out of the ordinary traffic causes an alert to system administrators.

Backups of system data are compiled incrementally nightly and full snapshots are taken weekly on non peak hours. Full snapshots are held in secure off site locations.

Tbottomh3

This RSS feed URL is deprecated

This RSS feed URL is deprecated, please update. New URLs can be found in the footers at https://news.google.com/news
Tbottomh3

10-Year-Old New Canaan Boy Who Died Suddenly Had Flu: Coroner - NBC Connecticut

10-Year-Old New Canaan Boy Who Died Suddenly Had Flu: CoronerNBC ConnecticutA 10-year-old New Canaan boy who died suddenly over the weekend had the flu, according to the medical examiner in Buffalo...
Tbottomh3

Coroner's office stays busy with more cases in 2017 - Daily Record-News

Coroner's office stays busy with more cases in 2017Daily Record-NewsDue to population size, Kittitas County was required to have a dedicated, elected coroner's office in 2015. Duties previo...
Mdilog by ORA Inc.