Infrastructure Security and Compliance
- Josh Luth
- Nate Edwards
- Patrick Murphy
SECURITY IS A PRIORITY
ESHA understands the importance of data security. Many of our clients are in highly regulated industries where strict industry guidelines is required.
Our Employees
All ESHA employees are given a background check prior to employment. Employees are also trained on handling of confidential or proprietary information, including customer data, and held to the expectations of the confidentiality of information policy.
Cloud Services / Data Center
ESHA chose Microsoft Azure Cloud Services as its provider for its unparalleled reputation for availability and redundancy, matched with a strong focus on security. Microsoft Azure follows the standard model of detect, assess, diagnose, stabilize and close. Paired with strong cybersecurity controls, this model has earned Azure multiple compliance certifications, all of which establish Azure as a leader in IaaS security.
ESHA believes that this level of protection is essential to thwart security threats and to protect your data.
Data Backup
User data stored in ESHA software databases is backed up regularly, and retained for 365 days, stored in a secure and fireproof location. If a client needs a restoration of data, ESHA will work with the client to restore requested data to the production environment.
In the unlikely event of a disaster, ESHA Cloud Services has a Disaster Recovery plan that acts as a key component to success and comfort with hosting. Should it be necessary, ESHA will employ the process outlined in the disaster recovery plan to be sure that our customers are up and running as soon as possible.
Provider framework
ARCHITECTURAL DESIGN
- Hardware provisioning (dedicated pool
of servers) - License provisioning
- Capacity planning and scaling
- Load balancing
SECURITY OPERATIONS
- Data Location Physical Security includes biometric security, key card access, mantrap entries
- Infrastructure with firewall, antivirus, antimalware
- Network layer — routers and switches
- Conditioned power, N+1
- Generators, N+1
IMPLEMENTATION
- Dedicated Project Management Team
- Existing Customer Data Migration Plan
- User/Company order processing and
provisioning
PRODUCTION / MANAGEMENT
- Order processing and setup of new
companies/customers - 24x7x365 monitoring of environment
and application(s) - 24 x7x365 Hardware Monitoring and
Scaling - OS Patching
- Upgrade Rollout (including QA)
- Support tools
- Regular data Backups, with 365-day retention, encrypted & off sited in a secure, fire proof location
- Disaster Recovery
- Ongoing QA of the environment