Key Facts

  • Servers are housed in a Tier 1 hosting facility with multiple redundant systems and security
  • Data are automatically backed up to a secure remote location nightly
  • Defense in depth achieved through a combination of firewalls, intrusion detection, and secure administration procedures
  • Clients' connection to servers protected with 256-bit encryption
  • Access permissions can be set for individual users
  • Optional two-factor authentication available with RSA SecurID tokens
  • Staff is pre-screened and bound by confidentiality agreements

Availability, Security and Confidentiality

Availability, security and confidentiality are the highest priorities at Backstop Solutions Group.

Availability

Backstop's servers are located in a Tier 1 hosting facility that includes multiple redundant systems for cooling, power management, fire suppression and internet connectivity. Backstop also maintains standby servers in a separate location, which can be quickly deployed with backup data to minimize service outage in case of a catastrophic event.

Nightly data backups automatically send client data to a secure storage facility, in a hardened data center, at a remote location. This ensures that recent backups are immediately available for disaster recovery.

Security

The physical security and integrity of Backstop's hosting facility is achieved and maintained by robust construction, comprehensive access controls, video surveillance monitoring, 24x7x365 security personnel and comprehensive certified policies and procedures.

The hosting facility's critical exterior perimeter walls, doors and windows are constructed of materials that afford UL-rated ballistic protection. Proximity card readers control access into perimeter doors, shipping/receiving areas, storerooms and other critical areas. Biometric hand print scanners control access into the most critical areas.

All servers are protected by a firewall that strictly limits access to only those ports that are essential for Backstop to function. The firewall also includes built-in intrusion detection functionality.

When clients connect to Backstop from their office, or anywhere else, all information is transmitted in encrypted format, utilizing the Transport Layer Security (TLS) protocol and 256-bit Advanced Encryption Standard (AES) algorithm. This is a strengthened version of the 128-bit cryptographic protocol typically utilized by major banks and prime brokers for transactions over the web. The NSA has approved 256-bit AES to protect "Top Secret" level classified information .

For the utmost in online security, Backstop Solutions Group software applications are available with optional RSA authentication tokens. RSA SecurIDŽ two-factor authentication is the only solution that automatically changes your password every 60 seconds, and has gone 15 years with no reported security breaches.

Confidentiality

Clients have the ability to set access permissions for all of the Backstop users in their organization. Backstop's roles-based security model allows the local administrator to determine which users have access to different categories of information within the application.

Backstop Solutions Group also takes measures to ensure confidentiality among staff. All members of the Backstop team are subject to comprehensive background checks prior to employment. Additionally, all employees are bound by strict non-disclosure and client data confidentiality agreements.

Return to Resource Library Adobe Acrobat PDF Download in PDF format

©2003-2007 Backstop Solutions Group, LLC.
Backstop is kick ass software