scm hosted security
TRANSCRIPT
The leading provider of version control solution and TWAIN SDK
SCM Anywhere Hosted Security Elaborate security strategies from Dynamsoft and world-class data center
Source code is one of the assets that developers treasure most. With this in mind, Dynamsoft, based
on years of experience in version control and issue tracking hosting, provides a rich set of security
features, such as sophisticated database backup plans, and SSL/Password Policy as well as other
features comes with the software, to better protect your data. SAS70 and CICA5970 certified data
center is chosen to 24x7 monitor the network and protect your data.
Thorough Data Backup
Dynamsoft provides two types of backups: onsite and offsite. All backups are password encrypted.
1. Onsite Backup: Performed every 15 minutes
A full backup is made every month. An incremental backup is scheduled and made every day. In
addition, log shipping backup is performed every 15 minutes. In worst scenarios, our system
admin can restore your data to where it was 30 minutes ago.
2. Offsite Backup: Performed daily
While our data center is in Canada, we have a dedicated server in US for offsite backup. A full
backup is made every week, and an incremental backup is made every day.
SCM Anywhere Hosted Security Features
Secure Sockets Layer (SSL) Protocol
SSL is a strong cryptography and security protocol used to safeguard sensitive data during
transmission over open, public networks.
Dynamsoft uses VeriSign SSL encryption to protect your data over the network with 128-bit
encryption.
The leading provider of version control solution and TWAIN SDK
VeriSign’s SSL Certificate is adopted to secure your data transfer and account information stored on our
website, including user name, password and billing information.
Sophisticated Password Policy
SCM Anywhere Hosted integrates password length, complexity, memory and expiration to the password
policy to strong the security. The whole set of password policy makes a password very difficult to hack.
On top of that, the user “lock out” feature prevents hackers from guessing at passwords. This feature is
particularly important for network applications, like SCM Anywhere Hosted. Here’s the example. If a
server responds to a login request in 100 milliseconds, an attacker can try 36,000 different passwords in
1 hour. By using the 'Lock out' setting, administrators can minimize the number of password attempts
within a specified time frame. For example, if an administrator mandates a 10-minute lock out after five
incorrect attempts, the attacker can only try 30 passwords within one hour. This obviously makes a
password much safer.
The leading provider of version control solution and TWAIN SDK
Independent and isolated database for each customer
All files and projects committed to SCM Anywhere Hosted are stored in SQL Server. And each account
gets an independent database that’s isolated from other customers’ data. Operations on any database
will have no influence on the others’.
Database Encryption
Database encryption is provided to further protect your data. All of your data in SQL Server is encrypted
by a passphrase you provide during the encryption process. Under the unlikely worst scenario, even if
your database is copied without your permission, no one can read a single file in your repository unless
they know your passphrase.
There are two options for database encryption:
1. Your passphrase is encrypted by a public key using a certificate issued by VeriSign and stored in a
secured place. If you forget your passphrase, Dynamsoft will use the private key of the certificate to
recover your passphrase. The private key is protected by a rigorous security policy and is known to only
two persons at Dynamsoft: the Chief Systems Administrator and the CEO.
2. Your passphrase is not stored. This gives you extra security, but you run the risk of rendering your
entire database useless if the passphrase is lost or forgotten.
The leading provider of version control solution and TWAIN SDK
Login Log
SCM Anywhere Hosted allows you to track the login info. Login Time, IP address and status are provided.
If any suspicious login is found, proper actions, such as password modification and IP & Mac filter, can
be taken to stop the damage.
Flexible IP & Mac Filter Rules
The IP and MAC filter rule is used to restrict the access to SCM Anywhere Hosted server from server
manager and various clients.
It is pretty useful if you only want certain accounts from a range of IP addresses access the database. In
the case that your IP address is dynamic (using dial-up), you can simply input your network interface
card's MAC address into the filter. Also you can use MAC addresses exclusively to make sure only the
specified physical machine can access your SCM Anywhere Hosted account.
The Primus Data Center
SCM Anywhere Hosted is hosted in SAS70 and CICA5970 certified data center – Primus Vancouver.
Primus is known for physical security, power availability, infrastructure flexibility, network redundancy
and customer support that exceed the standards set by global Internet brands and leading enterprises.
Features of the Primus Data Center include:
24x7 security (Biometric identification)
The leading provider of version control solution and TWAIN SDK
24x7 video surveillance
24x7 environmental monitoring
24x7 network monitoring
Access limited to specifically authorized personnel
UPS (Uninterruptible power supply)
Diesel generator power backup system
No single point of network failure
Multiple connections to major Internet backbones
Cisco 7500-series routers are used as Gateway
Cisco 6500-series equipment at the core layer and distribution layer
Comprehensive written procedures and policies
To learn more about the data center, please go to:
http://www.dynamsoft.com/Products/Hosted_DataCenter.aspx