Security must be taken seriously. We have gone the extra mile to ensure that your data will not only be stored in a well-designed infrastructure, we make sure that all servers are monitored 24x7 for intrusions and is on a regular update schedule. We leverage the Oracle Cloud for the storage of all sensitive information to your Family Office, and utilize the High Availability set-up on an Acquia Enterprise subscription for delivery of our easy-to-use dashboards, providing that sensitive financial information is loaded, live, directly from the Oracle Cloud.
- Oracle Cloud
- Aligned with International Organization for Standardization (ISO) 27001:2013 security controls. The ISO security framework includes a comprehensive set of security controls that are used as a baseline for the operational and security controls utilized to manage and secure the Cloud Service.
- The internal controls of the Cloud Services are subject to periodic testing by independent third party audit organizations. Such audits may be based on the Statement on Standards for Attestation Engagements (SSAE) No. 16, Reporting on Controls at a Service Organization (“SSAE 16”), which supersedes the SAS70, the International Standard on Assurance Engagements (ISAE) No. 3402, Assurance Reports on Controls at a Service Organization (“ISAE 3402”), or such other third party auditing standard or procedure applicable to the specific Cloud Service. SOC1 & SOC2 audit reports for cloud infrastructure are available upon request.
- SOC reports are done semi-annually
- Penetration tests are performed monthly
- Everything is stored on an RAC-enabled database, as well as N+1 VM at the middle tier
- Documented disaster recovery plan is in place, with an RTO of 12 hours and an RPO of 1 hour. This is tested annually.
- Single Sign-on (SSO) Log-in Available
- 24x7 Data Center monitoring and maintenance
- Oracle-based multi-tenancy at Hardware Level
- Complete data isolation assured through Oracle tenancy architecture
- All data at rest encrypted using transparent data encryption
- All data from end user to and from server is sent protected by TLS 1.2 256-bit encryption
- The Oracle Cloud Services utilize Network Intrusion Detection Systems (nIDS) to protect the environment. nIDS sensors are deployed in Intrusion Prevention Mode (IPS) or Intrusion Detection Mode (IDS) on the network, to monitor and block suspicious network traffic from reaching the internal network. nIDS alerts are routed to a centralized monitoring system that is managed by the security operations teams 24x7x365.
- HIPAA Compliance
- VPN Tunnel
- IP Whitelisting