Cloud and Servers Security Statement
Overview
Visual Link IT Cloud and Servers are the hosting platforms designed and used by us to deliver Visual Link IT applications as a service. Each subscriber's Visual Link IT Cloud and Servers applications are physically located on a server in a shared or dedicated, locked cage at our data centre partners. Our data centre partners provide power, network and backup services. Visual Link IT owns the servers and is responsible for provisioning, monitoring, and managing the servers, and for providing support to Visual Link IT Cloud and Servers subscribers.
Data storage
Our Visual Link IT Cloud and Servers platform was designed and optimized by us specifically to host Visual Link IT applications and has multiple levels of redundancy built in. The applications themselves run on a separate front-end hardware node than that on which the data is stored. Hardware failure of the compute node is recovered automatically. Application data is stored on a RAID 10 (mirrored and striped) storage node which is replicated to a secondary storage node every four hours when is specially requested by the customer. If the primary storage node has a problem or becomes unavailable, the applications can be switched over to the secondary storage node.
Facilities
Access to the data centres is limited to authorized personnel only, as verified by biometric identity verification measures. Physical security measures include: on-premises security guards, closed circuit video monitoring, man traps, and additional intrusion protection measures. Within the data centre, all Visual Link IT equipment is stored in locked cages designed to be earthquake-proof.
Our data centres are located in geographically diverse locations across Australia.
People and access
Our global support team maintains an account on all Cloud and Servers systems and applications for the purposes of maintenance and support. This support team accesses hosted applications and data only for purposes of application health monitoring and performing system or application maintenance, and upon customer request via our support system. Within Visual Link IT, only authorized Visual Link IT employees have access to application data. Authentication is done via individual passphrase-protected public keys, and passwords, and the servers only accept incoming SSH connections from Visual Link IT and internal data centre locations. Visual Link IT Cloud and Servers are designed to allow application data to be accessible only with appropriate credentials, such that one customer cannot access another customer's data without explicit knowledge of that other customers' login information. Customers are responsible for maintaining the security of their own login information.
The Visual Link IT operations team monitors the Visual Link IT Cloud and Servers platform 24x7 from operation centres in Sydney.
Certification
To augment 3rd party application penetration testing we have performed, we have selected data centre providers that maintain industry-standard certifications.
Our data centres are compliant. These certifications address physical security, system availability, network and IP backbone access, customer provisioning and problem management.
Our Cloud and Servers operations and security have been evaluated against the Cloud and Servers Security standard.
Backups
Application database backups for Visual Link IT Cloud and Servers occur on the following frequencies: On-site backups are performed daily and retained for seven days; Tape backups are taken weekly, which are then stored off-site and retained for four weeks as required by the customers.
Privacy
Visual Link IT understands the importance of ensuring the privacy of your personally identifiable information. For more information, please see our Privacy Statement.
NOTE: This Security Statement applies to the Visual Link IT Cloud and Servers service. For any questions please contact us.