Security & Data Protection

Secure, reliable data access is of critical importance to our clients. By leveraging best of class technology along with data security best practices, The Network avoids costly systems disruptions and maintains system availability at the highest possible level.

The Network is committed to maintaining and continually enhancing our security posture. We adhere to the “depth-in-defense” strategy to secure all of our systems and data. When it comes to security and testing the effectiveness of our strategy, we utilize various resources and have introduced numerous technologies and testing methods over the years as a way to validate our security controls and defenses. Our approach to technology calls for proven, scalable system architectures and resources so that we can always meet the ever-changing needs of our clients.

Security

The Network employs industry-leading security and operational processes to ensure that client data is secure and programs operate smoothly 24/7/365. As a testament to our dedication to security, The Network recently underwent security penetration and web application testing, performed by SunGard. We also utilize the QualysGuard Vulnerability Management service and have included this tool into our SDLC (Software Development Life-Cycle) process. Additionally, we are registered through multiple Technical Security Notification Services.

We have various controls in place to adequately manage and protect network security and data:

Intrusion Detection – All production servers and networking equipment are protected by a NIDS (Network Intrusion Detection System), both internally and externally. These systems are configured to identify issues or anomalies that may require action from our Network Operations staff.
Patch Management – The Network utilizes a tiered approach to patch management and administers patches through Microsoft’s WSUS service to ensure all systems are patched and up-to-date.
Anti-Virus – The Network utilizes an enterprise-class, third-party anti-virus solution, enabling daily virus definition updates, plus real-time monitoring, disinfection, and automated notification.
Network Controls – Our infrastructure includes redundant firewalls which utilize stateful packet inspection technology. Our layered security architecture includes a DMZ for hosting our public facing servers and utilizes NAT (Network Address Translation).VLAN segmentation and Access Control Lists are also used to further segment our networks and secure them from unauthorized access.
Encryption of Data in Transit – Encryption is customized per client. We offer multiple encryption options, including TLS, PGP or SFTP. Our public-facing ASP applications use extended validation SSL certificates to encrypt data. All certificates are purchased through our managed PKI service with VeriSign.

Our Data Centers

The Network uses the “depth-in-defense” architecture when it comes to protecting customer’s data. Our co-located production systems (U.S. and international) are maintained in a facility that specializes in storage and availability services by a Tier-1 provider who is recognized as a leader in technology services and currently serves more than 25,000 customers in 70+ countries.

These production data centers provide n+1 redundancy for all environmental necessities, including cooling, power and network connectivity, and are protected by FM200 Fire Suppression and VESDA (Very Early Smoke Detection) systems. The Network leverages state-of-the-art blade servers, virtualization, cloud infrastructure, firewalls, and switch architecture technologies to virtualize our web, application and dissemination servers and segregate public web server traffic into partitioned de-militarized zone (DMZ) networks.

These facilities are monitored 24/7/365 and include on-site security, a strict access authorization process, multi-level key card protection and biometric scanning.

Our proven, multi-layered data backup methodology utilizes various backup technologies and backup schedules to dramatically reduce recovery time in the event of a failure.

Data Privacy

The Network holds Safe Harbor certification and our business operations are SSAE 16 / SOC 2 certified. The Network’s SSAE 16 certification/SOC 2 audit was performed by the independent firm of Cherry, Bekaert & Holland, L.L.P. (CB&H) and recognizes The Network’s commitment to providing secure, reliable and effective operations.

Business Continuity

A thorough business continuity plan provides for everything from redundant systems and operating capabilities to the complete relocation of our contact center to a backup facility. The Network maintains a Documented Business Continuity/Disaster Recovery Plan which mandates recovery time and recovery point objectives specific to intake and data management services.

Our Technology

The Network delivers our solutions via the Software-as-a-Service (SaaS) distribution model, which reduces our clients’ costs while dramatically improving their implementation timeline. This model allows us to provide high functioning solutions with seamless, automated upgrades and feature improvements that always meet or exceed client expectations. With the SaaS delivery format, our clients have the freedom to access their data, track their workflows and manage their day-to-day activities from any location. Our approach simplifies administration and ensures compatibility while greatly improving collaboration between users and scalability.

IN THE NEWS

Top 12 GRC Considerations for Financial Companies in 2012

While regulation is certainly not a new concept to the financial industry, the risks posed by regulatory non-compliance will continue to drive global enterprises to tighten their focus on risk management – literally, the center of GRC – and find the balance between business value and business ethics.