Security & Reliability
Xenegrade utilizes a variety of tools to maintain the security of your data as well as making sure you have access to your data on demand. Following is an overview of the security and reliability features of XenDirect.
User Security
XenDirect utilizes an internal security system at both the user level and permission group level. These permissions are set by the licensee’s system administrator. Permissions are assigned for View, Add, Modify, and Delete for the menu and submenu components level. User permission can be controlled per user or by permission groups. An unlimited number of permission groups can be created and a clone feature exists to duplicate and edit existing groups. User permission settings also control days and times a user can access as well as set a specific start and end date range. Permissions can also restrict access to student and course information based on a pre-selected list. Access to the system requires a user login, user password, and a PIN. A User Log records every time a user logs into and out of the system as well as identify when a user has not logged out of the system.
Physical Security
XenDirect servers are located in a private suite of a major data center. The private suite requires a coded RFID card and fingerprint verification access to enter the area (magnetic locks), and keys to access the suite. Security personnel are present in the building 24/7 and check points are maintained by security guards. Access to the private suite area is monitored by the NOC (Network Operations Center). Video and motion sensitive surveillance is performed by the NOC 24/7 of all access points and common areas, but not in the private suites.
Environmental Security
Telco grade fire suppression systems with pre-action dry pipes are located in all common areas. Monitoring system in the suite monitors air temperature directly from the A/C vent as well as ambient room temperature. In the event of power failure, power is switched to an N+1 UPS system automatically and then to MGE and PowerWare UPS units with diesel generators as soon as possible. The failover is automatic and tested regularly. Electric connections and N+1 Liebert unit HVAC systems have an N+1 configuration to maximize redundancy.
Firewall Security
Firewall rules are in place to block/allow traffic as needed. The firewall strategy includes IP restrictions for specific IP address for ODBC data access. Certain sensitive data is encrypted using a proprietary encryption method and data through SSL sites. The firewall strategy is monitored regularly for suspicious activity.
SSL Certificates
The Web Registration module utilizes a secure certificate for all operations once a student is logged in.
Server Security / Reliability
OS patches, security updates, and security patches are reviewed and installed bi-weekly and more often if the update/patch requires a higher level of importance. Server configuration includes four redundant fixed disks per data and web server. Password security is proprietary information except that server password aging includes a change at least every six months. Updates and patches that require server reboots are typically performed between 2:00 AM and 7:00 AM Eastern Time on a Sunday or otherwise as needed. The default port of 1433 is not used for production databases.
IP Protection
Both the Web Registration and Admin Module applications incorporate code seeking keywords passed via a URL. If one is found, the browser redirects back to the root URL and an email is sent to the Xenegrade programming staff with IP address and details of the attempted attack. Once an IP is recognized as a potential threat, it is added to a blocked list in the Firewall and Application code to prevent any possible future attempts.
"You all have been clever with the way the system is orchestrated."
Matt C.
IAATS
User Conference Participants Get Sneak peak
Posted: 03/01/2013
When a new iPhone comes out, long lines form by people who want to be the first one to get the new phone. Well, we...
More News...How does support work?
XenDirect has a online Help integrated into the system. The integration is context sensitive and is available to all users.
Beyond the integrated Help, there is...
More FAQ's...