Networking and Monitoring

  • SOC 2 Type II ensures that the necessary security systems and controls are in place and operating effectively
  • Certified SOC2 Type II audits are undertaken annually by independent auditors
  • Unique VPN profiles maintained to limit access to minimum locations necessary
  • All production systems continuously monitored by a system with SMTP and SMS alerting capabilities
  • Custom and automated checks performed within the system to monitor specific elements
  • Web portal available for DIG staff to perform real-time status checks
  • DIG’s system itself monitored externally by a data center NOC to ensure that all systems remain available
Data Availability and Backups

  • Data maintained on systems using redundant disk arrays and redundant power supplies
  • Systems and data are backed up nightly
  • All data is encrypted in transit and at rest
  • Backups monitored and verified with monthly restore capability testing
  • Backup media is rotated offsite to ensure availability in the event of a physical disaster
  • An extensive disaster recovery and business continuity plan ensures minimal down-time in the event of massively disrupting events
Authentication, Authorization, and Auditing

  • Maintained via active directory infrastructure or AAA servers withing production infrastructures
  • Unique usernames and passwords required. Credentials are regularly updated
  • Access limited to least privilege
  • Multi-factor authentication protects systems and data assets from unauthorized access
  • Audit logs from servers, firewalls, IDS, etc. reviewed daily by IS team
Secure File Transfer

  • Data transfers into or out of DIG’s infrastructures use session layer encrypted tunnels via SFTP or HTTPS
  • Access to these systems requires unique usernames and passwords
  • Optional file-level encryption through in-house or proprietary PKI infrastructures
Physical Security

  • Secured Tier-3 facility manned 24/7
  • Monitored by external and internal video surveillance
  • Perimeter access via card swipe/PIN combination and/or escorted and assisted by a facility engineer
  • Interior access to data center controlled via card swipe/PIN combination into a mantrap with final ingress requiring a card/biometric swipe combination
  • Each rack secured via lock on front and rear doors
Additional Security Features

  • Redundant power with generator backups
  • Monitored by external and internal video surveillance
  • Multi-vendor, redundant commodity Internet bandwidth
  • Redundant cooling
  • Fire suppression controlled by pre-action delay dry system with warning and alerting infrastructure