Graphical Networks’ netTerrain Cloud platform is a highly reliable and secure solution, built on the Amazon Web Services (AWS) platform.
AWS is compliant with various industry-accepted security standards.
Our engineers utilize proven security technologies and techniques to protect netTerrain, its underlying systems and your data from intrusion and unauthorized access.
If you have any questions or need additional information, please email us at: email@example.com.
1. Where is your Cloud Hosting located?
Graphical Networks utilizes the Amazon AWS cloud infrastructure, for its data storage and backups and shares several AWS standards and accreditations. Our virtualized servers run primarily in the United States, US East (N. Virginia). Please consult with us first, for access on a server outside of the United States.
Amazon AWS is certified by the following security compliance standards:
ISO 27001, 27017, 27018
PCI-DSS Level 1
EU Data Protection Directive (95/46/EG)
Reference: Amazon Security Bulletins
2. Who has access to my data?
Graphical Networks does not share customer data with third parties. Administrative access to customer data is not available to anybody outside of the group of administrators set up by your organization’s main admin account.
Graphical Networks’ access to the backend database is restricted to a very small number of closely managed Graphical Networks administrators. Access to production systems and data follows the security standard of Least Privilege.
3. How is my data protected?
All software maintenance and configuration activities are conducted by Graphical Networks employees. The same databases are never used to store data from different clients (tenants), which is the safest and most robust approach for a multi-tenant enterprise solution. Graphical Networks employs industry standard practices for security controls such as firewalls, intrusion detection, and change management.
- 3.1 Network Security
- All traffic from and to our service is encrypted using the SSL/TLS protocol.
- All systems are firewalled to a minimal number of access points.
- 3.2 Account Security
- An account owner can access his separated account data by using his private password.
- Passwords are stored hashed and salted.
- Access to an account is logged, tracked, and audited.
- All database “CRUD” operations are audited.
- Account access can be restricted on a per role and per diagram basis
- 3.3 System Security
- All operating systems are maintained according to best practices in the industry.
- All recommended patch levels are applied.
- All systems are constantly monitored.
- 3.4 Secure Data Storage
- Data is stored on a virtualized server on Amazon AWS.
4. Graphical Networks Security Policies
Graphical Networks maintains, and annually updates, a general written Information Security & Access Policy, which details employee’s responsibilities toward confidentiality of client data and acceptable use of resources. All staff must review and sign this policy during on-boarding.
- 4.1 Segregation of Duties
Only authorized personnel can administer systems or perform security management and operational functions. Authorization for and implementation of changes are segregated responsibilities wherever appropriate to the organization. Access to client data is restricted to legitimate business use only.
- 4.2 Employee Screening
Graphical Networks employees are required to undergo background checks and provide specific documents verifying identity at the time of employment.
- 4.3 Terms of Employment
General information security responsibilities are documented in Graphical Networks Information Security & Access Policy, which all employees must sign as part of their onboarding.
- 4.4 Training
General information security training is provided to all new employees (both full time and temporary) as part of their onboarding. A compulsory annual security and privacy training requirement ensures employees refresh their knowledge and understanding. Additional security training is also provided to employees who handle client data.
- 4.5 Termination of Employment
Graphical Networks manages a formal termination process, which includes removal of any potential access to Graphical Networks and related data. The exit interview reminds ex-employees of their remaining employment restriction and contractual obligations.
5. After my account expires, what happens to my data?
When your SaaS account expires, all associated data is deleted within 60 days.
814 W. Diamond Ave. Suite 370 Gaithersburg, MD 20878 USA