 Security
The data resides in a secure hosting environment and is transmitted using 128-bit SSL encryption. Each
user is required to provide a valid user name and password that corresponds to the level of access granted
to the user by the bank. Actions within the application are stamped with user identities so that they are
matched for auditing purposes. eRevenue® follows a security breach escalation process that has
been ratified and audited by KPMG. In the event of a security breach, the proper security and technical
personnel will be contacted and provided with information regarding the breach. eRevenue® will
assess the problem as well as deploy appropriate solutions depending on the nature of the breach.
Firewall
The eRevenue® SafeLineSM system is protected by a Cisco PIX SPI (Stateful Packet Inspection) firewall.
Behind the firewall is a secured private IP network accessible only by a Triple-DES encrypted VPN
connection.
 Architecture
SafeLineSM is built on a Microsoft SQL Server 2000 platform. It is a multi-tiered Internet
application that was developed using Visual Basic and COM Objects. The system uses Internet Information
Servers (IIS) as the foundation of the Web Application Server and Active Server Pages (ASP) as the
presentation layer. The development environment is maintained through Microsoft Visual InterDev with
source code control administered by Visual Source Safe. Also used is Microsoft Visual J++ for JAVA applet
development.
Back-up
All servers run a RAID (Redundant Array of Independent Discs) level-five array of discs that are hot
swappable. All servers have fully redundant backup hardware and backup network interfacing in the event
of hardware failure. Backups to DLT occur every hour to prevent loss of data. The eRevenue®
hosting facility has a full compliment of diesel generators for power backup and is a hardened facility
against inclement weather and other security threats.
|
