OVERVIEW

This guide outlines the systems in place to protect your data and ensure business continuity for FinPlan Cloud users.

The biggest concern people have about storing data ‘on-line’ in the cloud is the security measures taken to protect that data and to ensure that only authorised persons have access to the information. This guide presents the measures we have taken with FinPlan Cloud to protect your data from unauthorised access.

Your data is valuable and you have a duty of care to ensure that it is both secure and can be recovered in the event of a disaster such as a fire, flood or physical theft of your equipment.
Bluecoat Software has taken steps to reduce the risks associated with potential data loss and provide robust systems to support your business.

BENEFITS SUMMARY

  • AES ‘military grade’ encryption used in communications to prevent data interception;
  • Data held entirely within the EU to meet your Data Protection obligations;
  • Monitored hardware firewall to ensure only authorised connections can be established;
  • Only best-of-breed service providers used for storage. With household names such as
    Microsoft, Amazon and Rackspace providing their technical expertise, you can be confident
    that proven and effective security strategies are in place;
  • Regular external penetration testing is completed to ensure that protection remains current and new risks are identified;
  • Server platform utilises hot-swap mirrored data drives that greatly reduce the chance of
    accidental data loss or corruption;
  • Complete disaster recovery program in place for business critical documents and data;
  • Hardware redundancy in place with fall-back servers waiting to take over in the unlikely event
    of physical server failure;
  • On-going development to further enhance security to address new security threats as they are identified.

SECURITY

When you are accessing your FinPlan data, it is via an authenticated and encrypted connection to the server – your data and documents are stored separately from other firms using the FinPlan Cloud service and only authorised users have access to your data.

We use a challenge-response mechanism based on a cryptographic hash algorithm to authenticate users connecting to the FinPlan Cloud server. The password is never sent in clear text. Once a user is authenticated we use AES to encrypt all communications over the Internet.

Where your own clients access the FinPlan Portal, they do so using enforced strong passwords together with device authentication, which ensures they have access only to their data. The hardware firewall is monitored for intrusion attempts and is regularly patched with the latest firmware updates recommended by the manufacturer.

AUTOMATED BACKUP

Data stored on FinPlan Cloud is automatically backed up to multiple physical
locations at different high-quality service providers.

  • All data repositories are within the EU and your data is guaranteed to never
    leave the EU;
  • All files (including document filenames) are encrypted with AES-256 Encryption so they can
    only be viewed or modified by you, using the FinPlan software and cannot be accessed
    directly;
  • Onsite backups are created daily;
  • Offsite backups (still within the EU) are generated weekly.

Should you wish to maintain your own regular backups of the FinPlan Cloud data, this can be provided via your Amazon
S3 backup service.

Please contact [email protected] for additional details.

VERSIONING

FinPlan Cloud incorporates automatic document revision versioning so that once created, any modifications are audited.

Your FinPlan documents are permanent.

You can view the revision history from within FinPlan and even re-create historic versions, so in the event that a document has been inadvertently modified, any previous version can be recovered.

Even accidental deletions can be recovered from within the FinPlan software.

RECOVERY

One of the key components in your disaster recovery strategy is that your data and documents are held securely on FinPlan Cloud. In the event of a local incident, such as fire, flood or theft, you can quickly restore your business operation from any location simply by providing a PC and internet connection.

The cloud service provider selected by Bluecoat Software is Rackspace. Their expertise in cloud services offers a 99.9% guaranteed uptime and ‘best of breed’ security model (see http://www.rackspace.com/security).

Bluecoat Software has its own comprehensive disaster recovery plans in place, including hot standby servers, which means that, in the tremendously unlikely event of an unrecoverable server failure, fall-back servers are ready to be brought on-line in a matter of minutes.

PENETRATION TESTING AND ON-GOING DEVELOPMENT

  • Unfortunately, the security threat landscape changes on a regular basis as new ‘exploits’ and vulnerabilities are identified in systems.
  • Bluecoat Software has a program of regular Penetration Testing, performed by an external company against our servers. This involves the tester using their expert knowledge of the tools and tricks that real-world hackers have at their disposal to attempt to circumvent the protections that we have in place.
  • Should they discover any vulnerability that has not been previously considered, they report it to us so that we can implement the recommended ‘hardening’ measures. In this way, we can be sure that our systems will remain as secure as possible.
  • We also actively develop new solutions to improve security, such as the ability to control access to FinPlan from specific IP addresses – meaning that, for example, you can mandate that only users who are physically connected to your office network can access the system.
  • The standard software also supports two-stage authentication – where you will be able to control which specific PCs you wish to allow access from.

SUMMARY

System security is our number one priority.

We want you to feel confident that your data is safer in FinPlan Cloud than it would be in your own office. Should you have any questions or concerns not addressed by this guide, please email [email protected] for assistance.