Security Policy
Servicing critical business processes, individuals and organizations count on Leadmark security and data protection to meet their needs. We take security very seriously and have developed a comprehensive set of practices, technologies and policies to help ensure your data is secure. This document outlines some of the mechanisms and processes we have implemented to help ensure that your data is protected. Our security practices are grouped in four different areas: Physical Security; Network Security; People Processes and Redundancy and Business Continuity.
Physical Security
“Our datacentres are hosted in some of the most secure facilities available in the Netherlands today in locations that are protected from physical and logical attacks as well as from natural disasters such as earthquakes, fires, floods, etc.
7 x 24 x 365 security
The data centres that host your data are guarded seven days a week, 24 hours a day, each and every day of the year by private security guards.
Video Monitoring
Each data centre is monitored 7 x 24 x 365 with night vision cameras.
Controlled Entrance
Access to the data centres is tightly restricted to a small group of pre-authorized personnel. A seven layer security shield has to be passed before getting access to a server room.
Power fences and bullit-resistant walls
Leadmark servers are guarded safely inside bullet-resistant walls. Access to the data centre is restricted by power fences.
Network Security
Our network security helps protect your data against the most sophisticated electronic attacks. The following is a subset of our network security practices. These are intentionally stated in a very general way, since even knowing what tactics we use is something hackers crave.
Secure Communication
All data transmission to TRAC is encrypted using TLS 1.2 protocols, and we use certificates issued bySHA 256 with RSA Encryption to ensure that our users have a secure connection from their browsers to our service.
Intrusion Detection
Our network is gated and monitored by highly powerful and certified Intrusion Detection Systems. A Security Information & Event Management system is used to detect and address irregular patterns and behaviours.
Control and Audit
All accesses are controlled and also audited.
Sliced Down Environments
TRAC environments are segmented and run inside a secured, sliced-down operating system engineered for security that minimizes vulnerabilities.
Virus Scanning
Traffic coming into Leadmark Servers is automatically scanned for harmful viruses using state of the art virus
scanning protocols which are updated regularly.
People Processes
Designing and running data centre infrastructure requires not just technology, but includes a disciplined approach to processes. This includes policies about escalation, management, knowledge sharing, risk, as well as the day to day operations. Leadmark works with established service providers that have years of experience in managing IT infrastructure designing and operating data centres and continually improve processes over time.
Select Employees
Only employees with the highest clearance have access to the data centre. Employees are logged and access
is strictly regulated. Access to customer data is limited to only a select few who need such access to provide support and troubleshooting on the customer’s behalf.
Audits
System management and data centre operations are regularly audited and the whole process is reviewed by management.
As-Needed Basis
Accessing data centre information as well as customer data is done on an as-needed only basis, and only when approved by the customer (i.e. as part of a support incident), or by senior Leadmark management to provide support and maintenance.
Redundancy and Business Continuity
One of the fundamental philosophies of cloud computing is the acknowledgment and assumption that computer resources will at some point fail. Our systems and infrastructure are designed with that in mind.
Distributed Architecture
TRAC runs on a distributed architecture. That means a server can fail without a noticeable impact on the system or our services.
Power Redundancy
The data centre utilizes a double power feed. Should the main power supply fail a redundant no-break power supply will take over allowing the data centre to run independent of the electricity network for a period of over 50 hours.
Internet Redundancy
TRAC is connected to the world –and you- through multiple Tier-1 ISPs. So if any one fails or experiences a delay, you can still reliably get to your applications and information.
Redundant Network Devices
To avoid a single point of failure TRAC runs on an infrastructure using redundant network devices (switches, routers, security gateways).
Redundant Cooling and Temperature
Intense computing resources generate a lot of heat, and thus need to be cooled to guarantee a smooth operation. All temperatures are controlled by a redundant temperature control system. The use of open air, in case outside temperatures are below 14⁰ Celsius, makes it very energy efficient and environmental friendly.
Geo Mirroring
Customer data is mirrored in a separate geographic location in the Netherlands for Disaster Recovery and Business Continuity purposes.
Fire Prorection
The data centres are guarded by industry-standard fire prevention and control systems including redundant Very Early Smoke Detection Alarm (VESDA). In case of fire Argonite gas is automatically released.
Data Protection and Back-up
User data is backed-up periodically and safely stored, helping protect the data in the event of
hardware failure or disaster.
Security Certifications
Availability and security is critical to our customers using TRAC. To maximize quality of service Leadmark works with highly professional, established and certified service providers for system and data centre management.
Our partners have earned to the following certifications for Internet and IT Services included Managed Hosting and Managed Solutions:
ISO 9001:2008 – Quality Management
The certificate secures quality of service and customer satisfaction.
ISO 27001:2013 – Information Security
The certificate guarantees that processes, systems and services are compliant with international standards for information security.
NCP Borg Klasse 4 – Physical Security
The certificate guarantees that data centre meets the highest levels of constructional and electronic security.
ISO 14001:2004 – Environment Control
The certificate guarantees the data centre applies a good environmental management system and reduces its environmental footprint.
ISO 50001 – Energy Control
The certificate guarantees the data centre applies a good environmental management system and reduces its environmental footprint.
Notifications of Changes
We may modify the Security Policy upon notice to you at any time through a service announcement or by sending email to your primary email address. If we make significant changes in the Security Policy that affect your rights or security level, you will be provided with at least 30 days advance notice of the changes by email to your primary email address. You may terminate your use of our Services by providing Leadmark notice by email within 30 days of being notified of the availability of the modified Security Policy if the Security Policy is modified in a manner that substantially affects your rights or security level in connection with use of Leadmark Services. Your continued use of Leadmark Services after the effective date of any change to the Security Policy will be deemed to be your agreement to the modified Security Policy. You will not receive email notification of minor changes to the Security Policy. If you are concerned about how your data is secured, you should check back at https://www.leadmark.nl/terms periodically.
Vulnerability Reporting
Leadmark values the work done by security researchers in improving the security of our service offerings and we are committed to working with the community to verify, reproduce, and respond to legitimate reported vulnerabilities. Please submit security issues at https://www.info@leadmark.nl
Contact Us
If you have any questions or concerns about this Security Statement please contact us at info@leadmark.nl. We shall to all inquiries within 5 days of receipt upon ascertaining your identity.
Version 1.0 September 2017