One of the biggest questions customers usually ask of a cloud-based application relates to the storage of their documentation. Specifically, customers want to know more about data integrity to ensure that their documentation is secure and accessible at all times.
Interestingly, security and accessibility are two aspects of document control that people often take for granted, assuming that their company’s existing security and backup practices will suffice. If you’ve ever lost documents that you thought were backed up but weren’t, or have suffered through instances where colleagues made unauthorized changes to documents that caused you grief, you know what I’m referring to.
As DocBoss is a cloud-based service, we take care of storage and backup so that you’re not relying on the existing practices that your company has in place that may be insufficient for the document control work that you’re responsible for.
DocBoss uses Amazon Web Services as our hosting service, the same company used by NASDAQ, Netflix, Airbnb and other well-known corporations who transact and do business largely online. In that regard, here are some DocBoss security highlights to help answer your data integrity questions:
Physical
DocBoss employees do not have physical access to the client’s data stored within the Amazon facilities and the agreement between DocBoss and Amazon for the provision of services provides assurances that the system applications, data and other entrusted information is securely stored and managed.
Logical
Integrity is managed through verification procedures inside DocBoss. Block level backups are run on small intervals, and full backups are prepared on a daily basis. If there are issues with data integrity, restore procedures are available and documented. All transactions are logged.
Redundancy
System redundancy is managed as a combination of Amazon hosting, backups and VM instances. The physical redundancy is managed by Amazon (all hardware, Internet access). System redundancy is manage with duplicated servers and redirects in case of downtime.
Backups
All document uploads are backed up inside the host amazon facility, with block level backups to a secondary facility with 5 minute increments. Database replication processes every database transaction to redundant servers, and additionally pushes the SQL logs to backup systems. Full system backups occur every evening, wiping SQL logs and refreshing backup systems.
General Security Protocols
DocBoss runs detailed security analysis on all components of the application (both public and private interfaces) to identify potential vulnerabilities. Firewalls inspect all incoming data against a commercial threat logs. Firewall logs are reviewed daily. Server virus scans are performed continually, with patches applied immediately.
DocBoss provides 128-bit SSL encryption for user login and all subsequent data exchange, the same level of encryption used by online banks. Password expiry and complexity settings help users maintain the integrity of their access passwords.
The DocBoss application is separate from the data system. Application users cannot access the underlying data system. Role-based access isolates data between users.
Audit trails are in place throughout the application, tracking changes based on user and time stamp.
Accessibility
As far as who can actually access your projects and make changes, that’s where DocBoss itself comes in. DocBoss offers three levels of users (Full User/Admin, Review Only, View Only) so that only authorized users can make changes, so you don’t have to worry about your well-meaning colleagues amending documents without your knowledge or permission.
Since each DocBoss user is a named user, you can also determine who made changes to a document in the instance where multiple users have access to the same project. Users have individual user accounts, with enforced password complexity, and expiration.
Consider how this compares to your current document control data integrity practices and feel free to contact us to learn more.