Security needs and security goals
- The core principles of the EPLASS IT-security are organized in well-balanced proportions of confidentiality, availability and integrity.
- We always keep the relation between system security, handling and the required functionality for our customers in mind.
- Frequent audits, also carried out by our clients, guarantee the highest possible standards of security, data privacy protection & confidentiality. Your data is safe with EPLASS!
- Our two physically separate certified datacenters run partly in the active/active or in the active/passive operating mode. The file-/database servers are organized in a so-called cluster, which means, that the entire information between the datacenters is being mirrored in real time.
- Configured application server farms and also the cluster assure an extremely high reliability. Should one of our datacenters be inaccessible, it is guaranteed, that the main system keeps running without significant interruption.
- Both our datacenters are linked among each other and also into the world wide web via Fibre-optic cable. This provides a fast connection with a very high bandwidth.
- A redundant energy supply with UPS system, based on a Diesel generator and storage battery cells, ensures the availability also in the case of a power outage in the datacenters. Precision air conditioners and fire-resistant materials are the complementary measures for a secure and unobstructed system operations in the datacenter.
- In terms of the selection of our IT-components we have set great value on high-quality solutions from leading manufacturers.
- Our servers are equipped with a redundant array of independent hard discs (RAID system) as well as redundantly dimensioned power supply units.
- An internal and external monitoring-system controls the key server- and performance parameters. That allows the network administration, using the systems integrated alarm system, to promptly act on disturbances even outside the office hours.
Security of your data – Confidentiality
- The access to the datacenters is only permitted for a small group of authorized persons, who must pass through a three-step access control system for authentication.
- Our access points are, without exception, protected by „unified threat management“ Firewall – Appliances. A centralized collection of diverse safety mechanisms offers an effective and comprehensive protection for the data, entrusted to our care. The active/passive operation mode of the appliances ensures a quick operation recovery in case one of the of the security components fails.
- Two separate authentication systems allow the customers the access to our system.
- Furthermore we achieved an increased security for our platform with a physical separation of the Front and Back-end, by splitting them in an application- and a file-server.
- The transmission of data between the EPLASS user and our datacenter is being carried out with a hybrid encryption protocol. This prevents the transmission of clear text information such as login information during the entire connection period.
- Various user- and system related security directives are held in the system, as additional security mechanisms to protect our customer’s data.
Access control - Authorization
- The differentiation of access rights is being made with a combination of file system-rights, consistant access control lists for databases, role allocations and the authorization for the release of drawing documents.
- The integrity of the data and information to be edited and saved is given through appropriate technical measures in the server- and application level. This includes extensive protocol functionalities and specific checks from the server on the data pool integrity, in order to guarantee and retrace the completeness and unchangeability of the data pool at any time.
Virus Protection Concept
- EPLASS has arranged a bundle of organisational and technical measures for an early and effective detection of the most diverse forms of viruses. The corresponding countermeasures can be launched at an early stage, and thus it is possible to minimize damage to the system.
- An essential aspect of our virus protection is the constant checking of the system efficiency with a continual and automatized update of the used virus protection solution.
- A proliferation of viruses can almost be excluded due to the system architecture as it is being used in EPLASS.
Security Concept / „Worst-Case-Scenario“
- The availability of data at any time is an important factor for a successful business. Besides all technical measures and efforts, EPLASS has developed a wide-ranging data security concept for a „worst-case-scenario“ in order to be able to provide the maximum security for our customer’s data.
- All data files are exported every day via fiber optic link to a third location, where they are being saved with the so-called grandfather-father-son-backup (GFS), using tape-libraries on magnetic tapes. These tapes are stored in a certified, water and fire-proof safe.
- EPLASS provides consequent and fast disaster recovery measures with short and pre-defined processes.