Security Statement

Security is at the core of all our services.

Security Policy

We have taken significant measures to help ensure that all information remains confidential and secure within our data centers. We use state-of-the-art network, data, and physical security practices to protect your data to the best of our ability.

Security Overview

We make every effort to ensure that your information is protected. We use industry standard procedures and processes to safeguard your personal information by using intrusion detection, secure firewalls, encryption of sensitive information, internal controls, and carefully monitoring of the network for unauthorized access attempts. We also employ SSL encryption. Security audits are conducted utilizing ISACA CISM global standards.

Physical Security

All servers involved in gathering, storing, and providing the data to you are operated in a secure data center that has restricted access to authorized personnel only. Our data centers are monitored 24 hours per day and only certified employees are permitted on premises through the use of a picture ID, access cards, PIN code and retinal scanning. A record is kept of all personnel who have entered the secure data center. 

Our employees are made aware of our security policy's procedures and practices through their acceptance on a yearly basis that they have carefully reviewed and abide by it.

Firewalls

All external access to our internal networks must go through multiple physical and virtual firewalls. Additional firewalls are used to secure access to the individual client resources. Our firewalls are regularly tested to insure that they are able to protect all information from unauthorized external and internal access. All security appliances are rigorously maintained with current firmware and threat definitions.

Intrusion Detection

We use an intrusion detection system to continuously monitor unauthorized attempts to access our site. We also employ state of the art, real time monitoring of all infrastructure assets.

SSL and Encryption

We use Secure Sockets Layer (SSL) and other encryption techniques where appropriate. Regarded as the standard for encryption technology, SSL allows for sensitive information to be delivered securely between a server and a client. SSL-secure websites are commonly identified when a link features "https". We only use third party signed SSL certificates from recognized Certificate Authorities (CA's). All inbound and outbound communication to our datacenters are encrypted using various industry standard encryption methods when available. Additional layers of security and encryption are available upon request.

Internal Business Practices

We store all access credentials in an encrypted format on a secure server. Only a few authorized individuals have access to the data warehouse.

We require all users to provide IDs and passwords using both alpha and numeric characters to prevent easy guessing of passwords by unauthorized individuals.

SkyBox Cloud LLC adheres to ISACA COBIT 5 governance standards to ensure quality, reliability and performance of its diverse offerings.