Security Overview for OnContact CRM Hosted Solution
At OnContact, we recognize that the privacy, reliability and accessibility of our customers’ information are of utmost importance. We take great measures to administer a security policy that protects our customers’ key data and ensures the CRM environment is fully functional.
The OnContact CRM hosted (cloud-based) solution is hosted in Amazon’s AWS (Amazon Web Services) cloud infrastructure. AWS delivers a highly available and secure hosted CRM package with the following shared security features.
Physical CRM Security
- AWS’s world-class, highly secure data centers utilize state-of-the-art electronic surveillance and multi-factor access control systems.
- Data centers are staffed 24/7 by trained security guards, and access is authorized strictly on a least-privilege basis.
- Environmental systems are designed to minimize the impact of disruptions to operations.
- Multiple geographic regions and Availability Zones allow you to remain resilient in the face of most failure modes, including natural disasters or system failures.
Network CRM Security
- Built-in firewalls: Servers reside within a Virtual Private Cloud (VPC) subnet, where the egress and ingress are controlled. Perimeter firewalls and edge routers block unused protocols.
- Internal firewalls segregate traffic between the application and database tiers.
- Private Subnets: The AWS Virtual Private Cloud (VPC) service adds another layer of network security to servers by creating private subnets.
- Access to hosted resources is restricted to a small group of administrative users in order to perform maintenance and setup tasks.
- The AWS virtual infrastructure is designed to provide optimum availability while ensuring complete customer privacy and segregation.
- OnContact CRM hosted on the AWS environment has been achieving 99.99% uptime on a recurring basis.
- Customer and system databases are backed up incrementally each night, with full backups performed weekly. Backups are stored in Amazon’s secure EC2 environment.
- Weekly backups are made for disaster recovery and are stored in Amazon’s S3 West Coast Environment.
- Systems are monitored 24/7 via automated Amazon performance and outage monitoring systems with warnings and alarms set to contact the administrative group via SMS and email.
- Access to all hosted servers is available to selected administrative users only from within the Workwise domain.
- Data is moved and stored on a weekly basis into a different AWS region.
- The infrastructure is tested periodically for functionality and data integrity to make sure everything is ready if and when a disaster strikes.
Testing & Assessments
- Quarterly penetration testing performed by Workwise.
- Annual penetration tests performed by a third-party vendor.
- Application vulnerability threat assessments.