Security and Reliability Safeguards
The Cerico Services Platform utilises Microsoft’s Windows Azure Services Platform. Windows Azure runs in data centres managed and operated by Microsoft Global Foundation Services (GFS). These geographically dispersed data centres comply with key industry standards, such as ISO/IEC 27001:2005, for security and reliability. They are managed, monitored, and administered by Microsoft operations staff that have years of experience in delivering the world’s largest online services with 24 x 7 continuity.
In addition to data centre, network, and personnel security practices, Windows Azure incorporates security practices at the application and platform layers to enhance security for application developers and service administrators.
All information travelling between your browser and Cerico is protected with 256-bit SSL encryption. The lock icon in your browser lets you verify that you aren't talking to a phishing site impersonating Cerico and that your data is secure in transit.
Particularly sensitive information are encrypted in our database.
The Cerico servers are located in Microsoft’s Windows Azure Services Platform state-of-the-art datacentres, which provide biometric access controls, constant surveillance, redundant power feeds and generators, robust fire suppression, and carefully monitored climate control to protect the servers that store your data and manage your billing.
Cerico conducts regular penetration testing to improve Cerico security controls and processes. These tests are conducted by authorised and recognised security services providers on at least an annual basis. Additionally Microsoft conducts regular penetration testing to improve Windows Azure security controls and processes.
Click here to view the Cerico penetration test certificate.
To learn more or to initiate penetration testing, please contact your Cerico Account Manager.
Redundant servers and datacentres
The Cerico infrastructure uses redundant storage and servers to keep the application and your data available in the case of hardware failure - and another set of servers and storage in a geographically separate datacentre in case our primary datacentre is made unavailable by a disaster or other disruption.
The data in your Cerico account is replicated across multiple database servers in two geographic locations to prevent a single failure from causing data loss. Although Microsoft Azure SQL Database has built in protection for failures of individual machines and devices, The Cerico Platform still needs protection against accidental changes to the data. Microsoft Azure SQL Database creates backups of the data, and gives the ability to recover the data from unwanted deletions or modifications. Typically the automatic backups are taken in 5 minute increments. The backup retention period of 35 days gives point in time restore capability within the retention period.