Securing Your Data
The security of data, both your Firm's and Your Clients', is of paramount importance. The Adhesion platform was designed from the ground up to incorporate multiple levels of security to control access. With Adhesion your practice benefits from proven, "institution class" technology infrastructure.
All site credentials and sensitive client information are encrypted using the Advanced Encryption Standard algorithm (Rijndael) with unique 256-bit keys per user. All master passwords are also encrypted with a different 256-bit global key.
Operating systems are hardened to prevent backdoors and other system vulnerabilities. Software infrastructure components such as the database and application servers are configured on ports other than the default ports and up-to-date with all known security patches.
All communication to, from and between platform components occurs over SSL sockets with a 128-bit key. This makes sure that all communication including usernames and passwords exchanged between components happens on an encrypted channel. Adhesion ensures that web browsers connecting to the platform are using at least 128-bit encryption.
At the perimeter of the Adhesion complex, routers perform packet inspection and provide protection from malicious denial of service attacks. Our firewall configuration segments the LAN into a demilitarized zone (DMZ) that hosts the web servers and the proxy outgoing web server, and an internal NAT-ed network that hosts the application and the database servers.
Managed Intrusion Detection and Prevention System
Managed Intrusion Detection and Prevention System (MIDPS) is integrated into the network security fabric and is responsible for detecting anomalous, inappropriate, or other data that may be considered unauthorized on the network. Regular firewalls are configured to simply allow or deny access to a particular service or host based on a set of rules. MIDPS goes much further, enabling Security Operations Center to capture and inspect all traffic, regardless of whether it's permitted or not. Based on the content of each and every packet, it is determined if it is safe. MIDPS detects, alerts and blocks security threats including buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, backdoors, Trojans and Microsoft operating system and applications vulnerabilities, DdoS clients and many more.
Physical access to our hosting facility is limited to very few personnel. It can be obtained only through a multifactor authentication scheme that includes biometrics, a physical token and a PIN. In addition, video surveillance cameras are hidden throughout the facility, monitored 24x7, and strategically placed motion/vibration detection devices alert data center personnel of any forced entry.