Security vulnerabilities pose multi-billion dollar threats to corporations. In order to protect our clients, CNMC Corp provides the industry's most potent security tools and techniques backed by the industry leading security analysts. We have designed our processes specifically for enterprise level Internet initiatives.
CNMC's security policy and guidelines uphold the standard set out in ISO 27002, the latest security template for ISO. CNMC offers our clients security in layers. The layers of defense for your servers include: Building Security, Physical Access to Facility, Physical Access to Servers, Network Access to Servers, Network Connectivity, External Threat Awareness, Secure LAN Extensions and most importantly, Our Staff.
On-site uniformed security personnel monitor the premises and surrounding area. A customized security system and protocol is in place, supporting a configurable point monitoring and access control system on a 24/7/365 basis.
All data centers are staffed by at least two uniformed guards at all times with non-tenant visitation restricted to “by appointment only.” The guards have scheduled patrols and the building is set up with closed circuit cameras that are monitored 24/7 from the facility Network Operations Center. All visitors must first identify themselves to security with government issued Photo ID. All visitors should be expected to leave their government issued Photo ID with security until they are ready to leave the premises.
Photo identification access cards are required to access the server suites. Within the server suites, each dedicated cabinet or cage is locked and only accessible by authorized CNMC Network Engineers.
Perimeter defense is comprised of firewall appliances. CNMC utilizes best of breed firewalls from Cisco. We secure our network infrastructure by using a positive security model. This means that everything will be denied-by-default and only required and approved traffic will be allowed through in either direction.
All CNMC serviced machines have up-to-date anti-virus and anti-spyware software installed. Windows servers are patched regularly and kept up-to-date.
Our on-line client portal provides detailed real-time network traffic analysis. Firewall logs are monitored, analyzed and stored. Incidents are handled under our rigorous incident handling procedures with the client informed of any incidents.
Our sophisticated firewall infrastructure is configured to prevent intrusions and report all activity that is considered suspicious. All servers are monitored for security threats and are kept patched to current security levels. Our network and system security personnel are vigilant at remaining current and pro-active in intrusion detection and prevention technology.
By utilizing proactive technologies that operate in concert with proactive security processes, such as penetration testing and security auditing, CNMC prepares for any external threats we could face.
CNMC utilizes a dedicated, secured and private fibre optic LAN extension to connect between our data centers and also to connect to our clients when required. The connection ensures that only the specific and required traffic travels between the two sites and that your local network is isolated from the web hosting environment traffic. To further enhance the security of data traveling between our facilities and our client’s data center, we utilize encryption on all data traveling on the LAN extension. The encryption establishes a VPN channel over the private LAN extension to our facilities.
The key to our overall Security model is our highly skilled and highly dedicated staff. The CNMC security team continually monitors commercial -based security and vulnerability alert services and community-based security discussions. We subscribe to the WatchGuard Live Security Informer, CERT, US-CERT, Symantec Deepsight Alert Services and all software vendor security bulletins.
The security team regularly scans system and network devices to ensure that only known and required services are residing on the systems. Our team quickly identifies any changes or "out of spec" parameters that could potentially indicate a threat to the system.