Data Security Policy

Keeping your data secure and available is our number one priority. Below is a summary of our procedures and precautions. For security reasons, we do not disclose the specific location of our data facilities or the specific equipment we use.

Server Facilities

* Hardened, redundant and secure facilities in Phoenix, AZ

* SAS-70 Type II data center certification

* Fully multiple-redundant power and HVAC

* Controlled temperature and humidity

* Fire-threat detection and suppression

* 24x7x365 manned operations

* Multiple OC fiber and gigabit Ethernet carriers

* Interior, exterior, ceiling, and wall-mounted digital video surveillance

* Combined biometric and pass code access restrictions

* Attainia's servers are secured in locked cabinets accessible only to authorized Attainia personnel

Security / Availability

Fully redundant, geographically distributed, synchronized data centers ensure effective disaster recovery. Each center is configured with:

* Redundant, auto-failover, hardware firewalls

* Redundant, auto-failover, equalizers

* Redundant, auto-failover, application servers

* Redundant data servers with RAID 5 or greater disk redundancy

* Redundant data backup via log shipping, continuous, multi-destination hard disk backup, replication and incremental and full tape backup with offsite storage

* All servers hardened, with all unnecessary ports closed

* Available security patches monitored and regularly applied to all servers

* All passwords are long, random, alphanumeric strings

* 24-hour automated server monitoring and alert escalation

Data Retention

Attainia takes the protection of customers' data very seriously. Attainia customer-specific data:

* Is saved perpetually, throughout the course of the license with Attainia

* Is continuously and redundantly backed up to multiple media

* Is only removed from Attainia servers when explicitly deleted by the customer, or not less than 30 days has passed beyond notification by Attainia that the customer's licence period has expired

* Can be exported by customer at any time during the license period

* May persist on semi-permanent backup media stored in secure locations, even after being deleted by the customer

* May be able to be restored, at customer's request, even after being deleted by the customer. However, Attainia cannot guarantee that deleted or expired data is recoverable. The fee to restore a deleted PLAN project, department, or room is as follows:

> Standard - within 5 business days - $250

> Expedited - within 2 business days - $500

> Rush - within 1 business day - $1,000

Restoring other application data may also result in a fee. Data restoration fees must be paid with a credit card. If the data cannot be restored, the restoration fee will be refunded.

Please note that there is a fee structure for emergency data recovery services.

If you have any questions about this policy, please contact Wayne McVicker at wayne.mcvicker@attainia.com or call 650-691-4544.

0 Comments

Add your comment

E-Mail me when someone replies to this comment