Sunday, December 26, 2010

The Taxonomy of Data Security

Occasionally Superior Document Services receives requests from customers and potential customers wanting assurance that their highly confidential data is secure while utilizing Superior's online hosting platform RELATIVITY. Superior thinks it is important for both our potential and current business partners to recieve full disclosure regarding how our data center partnership works. With razor sharp clarity I understand the importance of transparency when it comes to explaining our security process'.

First and most importantly our data center is interconnected by a high performance, fully-redundant private network that ensures the security, integrity and availability of our customers' business applications and technology infrastructure. Highly skilled technical personnel maintain the both data center and our review platform 24 hours a day, seven days a week. The data center, located right here in Richmond Virginia is engineered with multiple levels of security, uninterruptible power, redundant HVAC systems, fire suppression and around-the-clock monitoring and management.

Level 1: Proximity card access with PIN is required to enter the building. You are not yet in the data center.
Level 2: Proximity card access with Biometric (fingerprint) scan is required to enter the data center.
Level 3: All hardware is secured in a locked cage or steel mesh cabinets fitted with combination locks.
Level 4: Video surveillance cameras are placed throughout the facility.
Level 5: Staffed 24x7x365

Our data center is engineered with an uninterruptible power system and backup generator to deliver seamless power. In the event of a commercial power failure, our isolated UPS system will provide immediate backup power until diesel generators take over the load and continue operation of the center.

With best-in-class environmental HVAC units to control and monitor the temperature and humidity in the data center our redundant HVAC keep sthe average temperature in each data center at 70 degrees Fahrenheit to ensure a consistent operating atmosphere for your mission critical technology infrastructure.

The data center utilizes dry-fire suppression systems that can be deployed manually, or by a sequence of three failures anywhere in a data center zone. Each facility is also fully equipped with smoke and heat detection sensors as well as fire doors and handheld gas-based fire extinguishers.

Superiors' network infrastructure provides customers with reliable connectivity and fast performance and includes around-the-clock monitoring, notification and reporting Our management incorporates ‘best practice’ guidance from outside standards, such as ISO 27002, DSS, and others when designing and implementing our controls, but we customize our controls based on what makes the most sense for us and our customers. while minimizing or eliminating potential downtime regardless of matter size, number of reviewers, or the number of matters under active management.

Our data center's SAS 70 certification is intended to give our customers confidence that we are providing a high level of security, monitoring and management of their valuable business assets to help them meet the increasing compliance requirements of HIPAA, HITECH, Sarbanes Oxley, Graham Leach Bliley and other legal and regulatory regimes.

In today’s legal and regulatory environment, attorneys increasingly confront complicated electronic discovery scenarios involving multiple matters and numerous parties that can extend over many years. Superiors clients can be confident that we have implemented state-of-the-art security measures to protect their data - because in the end game - data security is priority one.

Our review platform - Kcura's Relativity employs a highly granular security architecture. This means that any object, such as a user, tag, field of metadata, document, collection of documents, or even highlights and redactions, can be secured, limiting access to users without permissions. Relativity system administrators have the ability to grant or deny any of these permissions on a customized basis

Relativity’s security architecture allows a collection of data to undergo expert review in a limited environment, or in an expanded environment by the case team, eliminating the need for multiple iterations of the same database. In addition to workflow-based security, Relativity provides a variety of secure authentication methods. With a standard Microsoft infrastructure, Relativity allows IT teams to secure and back up data with the same strategies they employ for other enterprise systems.

Benefits to our law firm clients of the Relativity security model include:
Native files and TIFF images streamed into local memory, preventing fragments of sensitive documents from being left on a workstation hard drive
User or group access restricted to specific IP addresses
Restrictions on printing, copying text, and even disabling “print screen”
Customized access where users see only the data, documents, and features to which they have rights
The ability to create secure subsets of documents for experts and clients
Securable coding forms, metadata fields, and document annotation/redactions, allowing for multi-party access
RSA integration to provide Two-Factor authentication
A secured 128-bit SSL encryption, the same used by online financial institutions storing personal information.

You know the Law.
We know litigation support.

No comments: