StratusLIVE’s hosting model provides multi-vendor (Microsoft Azure and NTT Data Centers) and multi-geographic security, backup, and disaster recovery capabilities to ensure business operations continuity, data integrity is securely protected, and accessible.
- Dedicated Operations team monitors and indexes databases for maximum performance.
- Secure Co-Location Hosting
- 99.99% Uptime
- Daily Full Backups
- Implement additional encryption in the database beyond what Dynamics encrypts by default.
- Block international sourced attacks rather than rely on other mitigations.
- Focus on traffic patterns of MS Dynamics and StratusLIVE Ignite since we don’t have to support the commercial side of MS Dynamics and integrations that would not apply to our customer’s usage patterns.
- Better positioned to disable older protocols such as TLS 1.0 and 1.1 than MS as we do not have to support the range of integrations they do as well, which lets us make security changes faster.
Security layers and protection of client
and donor information
and donor information
StratusLIVE provides the benefits of built-in security within the Dynamics 365 platform from Microsoft, which delivers extensive permissions/security layers.
Details about user security “roles, privileges, and access levels,” can be found at the following link: Developer Guide for Dynamics 365 Customer Engagement
Please find an excerpt provided below from this web link for your convenience (italics and bold added):
“In Microsoft Dynamics CRM … the fundamental concept in role-based security is that a role contains privileges that define a set of actions that can be performed within the organization. For example, the salesperson (i.e., nonprofit Resource Development member) role is assigned a set of privileges that are relevant to the performance of the tasks defined for that role. All users must be assigned to one or more predefined or custom roles. In Microsoft Dynamics CRM…, roles can also be assigned to teams. When a user or team is assigned to one of these roles, the person or team members are assigned the set of privileges associated with that role. A user must be assigned to at least one role.
A privilege authorizes the user to perform a specific action on a specific entity type. Privileges apply to an entire class of objects, rather than individual instances of objects. For example, if a user does not have the privilege to read accounts, any attempt by that user to read an account will fail. A privilege contains an access level that determines the levels within the organization to which a privilege applies. Each privilege can have up to four access levels: Basic, Local, Deep, and Global.”
There is also function, form, view and field-based security capabilities that come with the Microsoft Dynamics CRM/StratusLIVE application.
Hosted Operations
Hosting Environments
- StratusLIVE uses a combination of colocation facilities and cloud providers for hosting. This approach allows us to place tight security controls on sensitive data while having the flexibility to rapidly scale out when needed. This mix of providers also allows for a variety of failover and disaster recovery options.
Multi-Layered Approach to Security
- Security threats – from Internet-borne worms and viruses to Distributed Denial of Service (DDoS) attacks, internal data losses, natural disasters, and terror-related risks – pose a multi-billion-dollar threat to organizations. StratusLIVE takes a comprehensive approach by utilizing industry-standard security tools and techniques, enabling our staff to effectively manage and protect hosted assets.
- Security tools and techniques include physically secure data centers, firewalls, malware protection, server and network monitoring, intrusion detection systems, server hardening techniques and many more controls to provide a multi-layered approach to security.
- Encryption is used to protect data including TLS and IPsec to protect data in transit and full disk encryption to protect data at rest.
Network
- StratusLIVE’s networks are built with enterprise quality hardware from multiple vendors. This layering allows us to avoid common mode failures, in which a vulnerability from one vendor may be present in multiple product lines from that vendor.
- All network equipment configuration is based on applicable hardening guidelines.
- Internet Services in our colocation facilities utilize redundant connections from a minimum of three Tier 1 Internet providers.
- Firewall clusters and Intrusion Prevention Solutions are deployed within our networks.
- All StratusLIVE Hosted sites are secured with TLS encryption ensuring your data in transit remains secure.
- StratusLIVE works with our direct Internet peering points as well as all of our cloud providers to provide protection from Distributed Denial of Service (DDoS) attacks.
Hardware and Operating Systems
- All server Operating Systems are built using best practices derived from a variety of sources including Microsoft, NIST, CIS, NSA, and SANS. All network equipment configuration is based on applicable hardening guidelines.
- Hardware is routinely patched to mitigate firmware vulnerabilities. Firewall clusters and Intrusion Prevention Solutions are deployed within our networks.
Anti-Virus Protection
- To protect our servers against malicious software programs, StratusLIVE utilizes Anti-Malware products. Host-based and network-based solutions are in place.
Security Patching
- StratusLIVE tests and installs Operating System and application security patches on all systems. Patches are tested on QA systems are applied based on the criticality of the patch. All patches are applied within a week of being released. Critical patches with a high potential impact to our services can be applied within hours of release.
Certified Engineers and Security Teams
- Our Cloud Engineering and Security Teams have earned industry certifications from vendors including CompTIA, Microsoft, Cisco, and GIAC.
Business Continuity
Server Backup Policy
- Our Cloud Engineering and Security Teams have earned industry certifications from vendors including CompTIA, Microsoft, Cisco, and GIAC.
Database Backup Policy
- All databases have full backups taken nightly as well as every 3 hours throughout the day. All database backups are replicated between multiple datacenters.
High Availability
- StratusLIVE utilizes external DNS services in conjunction with intelligent load balancers to manage the possibility of a failure. Our primary facility has redundant internet connections, firewalls, and network switches. We have multiple clustered servers as well as multiple storage arrays to mitigate outages.
Datacenter Facilities
Physical Security
- In-house security staff
- Multifactor identification and multi-level security zone
- Computer room air handlers at N+2 redundancy or better
Cooling
- 100% availability
- Centralized industrial chiller plant with automatic controls to maximize operating efficiency.
- Computer room air handlers at N+2 redundancy or better
Power
- Scalable beyond 260 watts per square foot
- 2N+2 design throughout the power architecture – from industrial generators and uninterruptible power supplies to custom designed power distribution units
- Concurrently maintainable and fault tolerant
- Highly intelligent and self-healing infrastructure management system integrated into Operations Control Center monitoring system.