Preventing data loss begins with the physical server environment. TazWorks partners with ViaWest for collocation services to ensure that the servers hosting InstaScreen™ are in a world-class, independently certified data center complete with redundant environmental controls, physical security, uninterruptible power, and multi-carrier network capacity. The servers themselves are fault tolerant with configurations that can lose disks, servers, or even the data center itself with the CRA data safely preserved at our out-of-state disaster recovery site.
Additionally, InstaScreen™ ensures that tools such as encrypted communications, user roles and permissions, password security, lockout policies, and multi-factor authentication (MFA) are available to the CRA to help prevent the disclosure of CRA data to unauthorized persons. Of these, perhaps the most underutilized is MFA. By enabling MFA for all CRA and client users, it means that even if a user’s credentials are compromised by an adversary (e.g. via malware), they cannot be used to access CRA data without the adversary also obtaining the second authentication factor (e.g. the user’s cell phone to receive the token code). Having MFA enabled would have helped lessen the impact of recent exploits such as Heartbleed and the eBay data breech.
The security landscape is constantly evolving. Staying vigilant and informed of current events is essential, as is utilizing security resources such as up-to-date anti-malware software, security scanning services, and technology partners equally dedicated to security such as TazWorks.
Contact a TazWorks Support Representative for more information.