About SimplicityPro™ security...

At SimplicityPro™, we recognize that privacy and security are important issues, so we design and operate our services with the protection of your privacy in mind.

Secure Sockets Layer (SSL)

Pangaea uses Secure Sockets Layer (SSL) technology to secure SimplicityPro™ by encrypting information and providing authentication.

An SSL Certificate consists of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When your browser connects to our secured site, a secure sockets layer "handshake" authenticates our server and your computer and establishes an encryption method and a unique session key. A secure session begins that guarantees the privacy and integrity of all information that then flows back and forth.

Without SSL encryption, packets of information travel across the Internet in full view (of anyone who can view web traffic). Imagine sending mail through the postal system in a clear envelope. Anyone with access to it can see the data. If it looks valuable, they might take it or change it.

How do you really know this is an authentic SimplicityPro™ website and a business you trust? Every SSL Certificate is created for a particular server in a specific domain for a verified business entity. Like a passport or a driver's license, an SSL Certificate is issued by a trusted authority. When the SSL handshake occurs, the browser requires authentication from the server. If the information does not match or the certificate has expired, the browser displays an error message.

128 bit encryption

Typically, when an SSL handshake occurs between your computer and a web site's server, a level of encryption is determined by your browser, your computer's operating system, and the SSL Certificate. Low-level encryption, 40 or 56 bits, is acceptable for sites with low-value information. However, a hacker with the time, tools, and motivation can crack the code in a matter of minutes.

SimplicityPro™ uses the Server-Gated Cryptography (SGC) feature within SSL to enable 128- or 256-bit SSL encryption, the most powerful SSL encryption available. Without an SGC-enabled certificate in place, SimplicityPro™ visitors using certain older browsers or operating systems (i.e., Windows 2000) would only receive 40- or 56-bit encryption. With SGC-enabled SSL Certificates, SimplicityPro™ can provide 128- or 256-bit encryption to over 99.9% of its visitors.¹

SGC high-level encryption, at 128 bits, can calculate 288 times as many combinations as 40-bit encryption. That's over a trillion times a trillion times stronger! That same hacker with the same tools would require a trillion years to break into a session protected by an SGC-enabled certificate.

VeriSign

Because our reputation depends on the privacy and integrity of your information, SimplicityPro™ uses a VeriSign SGC-enabled Certificate, which provides the strongest protection for the most site visitors. Over 93% of the Fortune 500 and the top 10 U.S. banks trust VeriSign because of their encryption technology and rigorous business authentication practices. When you see our VeriSign Secured Seal, you can know that your transactions are secure.

How to confirm you are visiting a secure website

Anytime you visit SimplicityPro™ you should see one of the following closed-padlock symbols in the bottom of your browser window:

Internet Explorer Internet Explorer
Firefox Mozilla Firefox
Netscape Netscape
Opera Opera (in the navigation toolbar, near the top)

The one exception to this is if someone has created a framed page that opens SimplicityPro™ in one of its frames. In some circumstances, on a framed site, the closed-padlock symbol will not appear.

More...

All of our servers are located behind a firewall. In some cases, there are several layers of firewall protection.

SimplicityPro™ implements hardware and software security utilizing a combination of both Cisco and Microsoft technologies.

Access to the data center is restricted 24 hours a day and all personnel entering or leaving the building must sign in and out with the security guard.

Entry into the data center's main office is card key access controlled. No one may enter the office without an electronic badge.

All access to the main data center floor requires a biometric hand scan and card key. All areas of the data center floor are monitored 24 hours per day by CCTV and on-site personnel. The NOC area and data center are accessed via a "trap area" that requires one door to be locked before the next can be opened.

All server and network cabinets are locked and a key must be checked to access all cabinets housing equipment.

Network security is provided by both ingress and egress filtering as well as multiple layers of hardware and software firewalls and advanced encryption techniques. The basic architecture consists of a combination of Cisco, Microsoft and proprietary products.

Exact specifications for network security are not available to the public. It is our firm belief that it is more difficult to hack a network or device when you don't know what the network or device is or the software deployed or release versions. Hackers routinely hack systems when they know what system, hardware and software version they are trying to hack.

SimplicityPro™ SQL Server databases are backed up daily and each daily backup is stored remotely for 7 days for your protection.

¹SimplicityPro™ Estimates from VeriSign are based on operating system and browser use reports. There are 156.6 million Windows 2000 PCs in use according to "PC Market by Operating System: Worldwide, 2001-2007," Gartner Dataquest, January 14, 2004. Browser estimates are based on statistics from OneStat, January 19, 2004, http://www.onestat.com/html/aboutus_pressbox26.html.

Next:  Designing SimplicityPro™...

© 2024 Pangaea International, LLC.  All rights reserved.

Zippy
HHMMAM/PM