V3′s network is secure
V3′s network is secure both at the perimeter and via active management of all network devices, including servers, switches, and workstations. Our network utilizes the following features:
- Stateful permiter firewall with NAT (Network Address Translation).
- An IPS (Intrusion Prevention System) that detects and blocks malicious traffic based on up-to-date definitions.
- A dedicated spam firewall that uses up-to date definitions to block incoming malware.
- A web filter that acts as a passive proxy that blocks suspicious outgoing traffic (trojan horses) based on up-to-date definitions.
- Secure encrypted VPN connections are required for employees accessing network resources when away from our physical facility. All non-essential TCP and UDP ports are blocked from public access.
- LDAP-compliant directory and authentication server managing users, groups, shares, and other network resources. Strong passwords are required with a 60-day password rotation.
- Installation of software is restricted, limiting the possibility of malware spreading throughout the network.
- Managed Anti-Virus and WSUS (Windows Server Update Services) servers ensure all systems, including servers and workstations, are kept current with security patches.
- Real-time monitoring of servers and network traffic alerts our IT engineers of any anomalies.
- Sensitive data may be sent to us via our Secure FTP server (FTP over explicit SSL). Access is restricted to the Data Processing (DP) department.
- A physically and logically separate network segment behind a firewall for our DP department.
- All mailing list data is stored in folders with strict permissions on a dedicated and restricted server with a RAID array located on the DP network, thus limiting file access to specific users in the DP department and ensuring accessibility.
- Mailing list data is not backed up in our general nightly backups, but is handled via a separate encrypted process, and is stored in a dedicated locked cabinet.
- Our guest wireless network is located outside of the network, allowing our guests access to the internet but not the V3 network.