Contact: 800-327-1802 or info@mindcentric.com
Home Managed IT Hosting Security Services
Hosting: Security Services

Security is another area where MindCentric distands heads and shoulders above the competition.

We incorporate a multi-pronged, multi-tiered security approach, allowing for robust security at all levels for every MindCentric customer. To truly protect our customers, MindCentric we have five separate security practices that provide internal checks and balances.

1. Physical
2. Network:
a. Network management and monitoring
b. IDS/IPS/DDoS
i. Core network
ii. Content analyzing
iii. Preemptive protection
iv. X-Force security research and intelligence
c. Firewall
d. Secure remote connectivity services (VPN)
e. SSL certificate
f. Anti-virus
3. Systems
4. Data protection
5. Security policy and enforcement


Physical Security
MindCentric's data centers have security personnel on site 24x7. Entry into the data center and Network Operations Center (NOC) require card-key access with validation through biometric palm readers. All MindCentric employees have bar-coded picture ID security cards that provide access to the facility and limited access to the NOC and the data center based on the employee's role or function. Any full and part-time contractors have ID cards with a prominently displayed contractor or visitor identification marks.

A comprehensive surveillance system with strategically located cameras records movement throughout the data centers. Full-perimeter video cameras monitor the surrounding grounds. Card-Key access ensures that even MindCentric staff members only have access to the areas for which they have been approved.
Physical Security: Four-level security architecture
Level 0: Card-key access to Level 0 (includes lobby and public areas)
Level 1: Card-key plus either hand-geometry reader or security guard checkpoint to access Level 1
Level 2: Card-key (restricted) to pass from Level 1 to Level 2
Level 3: Physical key (restricted) is required to access Level 3 (Server Rooms)
Internal Closed Circuit Television (CCTV) throughout facility, recorded, with tapes retained for seven days
External full-perimeter CCTV monitoring, recorded, with tapes retained for seven days

In addition, maintenance areas such as air conditioning, electrical, telecommunications, shipping and receiving are segregated from servers, networking, and other portions of the building. Closed Circuit Television (CCTV) is utilized throughout the facility—including computer rooms, passageways, entrances, exits, roofs and external surroundings—and footage is captured on videotape.


Network Management and Monitoring
MindCentric is dedicated to maintaining a best-in-class monitoring and management infrastructure. This component is so critical that we have implemented a redundant live infrastructure for security monitoring under the management of our security operations team. This approach enables both MindCentric's NOCs and security operations to monitor the security condition of each customer. In addition to traditional network, system, and application monitoring, MindCentric uses site-monitoring tools to ensure the user experience is produced as expected. Through this advanced monitoring, MindCentric can quickly determine if a web page or site has been defaced and can respond to the incident quickly and effectively.


Intrusion Detection System, Intrusion Prevention Services, and Denial of Service
MindCentric offers all customers Managed Intrusion Detection System (IDS) and Intrusion Prevention Services (IPS) for protecting against intrusions and Distributed Denial of Services (DDoS/DoS) attacks. This is NOT an add-on service; we feel security should be built into your services, not an up-sell. This proactive service allows for MindCentric to respond to real-time security events, so we can respond to problems before they happen, as opposed to after the damage is done.

The MindCentric IDS/IPS and DDoS service provides:
  • Management of security risks associated with intruders attacking the customer’s environment from the Internet; includes threats like DoS, DDoS, portscans, worms, Trojans, BotNets and unauthorized intruders.
  • Monitoring and analysis of real-time network activity to detect any potentially malicious activities
  • The latest known attack signatures for the highest quality attack analysis.

MindCentric has partnered with IBM using the Proventia Network Intrusion Prevention System (IPS) which delivers preemptive protection for enterprise networks as noted below:
Intrusion Prevention System (IPS)
Core Network: Proventia is an industry-leading preemptive protection system that works in the core of the network. Added port flexibility and inspected throughput of Gigabit Ethernet speed provide the robust features requirements for large core networks.
Content Analyzer: The IBM Proventia Content Analyzer comprises a collection of new data inspection capabilities designed to inspect and identify unencrypted information to protect the network.
Preemptive Protection with ISS: Preemptive protection with more than 950 recommended blocking actions that neutralize threats. IBM Internet Security Systems (ISS) is number one in the overall worldwide intrusion prevention and detection market, according to the industry analyst firm Frost & Sullivan.
Security Research and Intelligence: World-leading security research and intelligence from IBM X-Force Research and Development Group. The X-Force's round-the-clock global event monitoring, research and development results in first-to-market product enhancements that provide the most current protection against known and unknown threats

Proventia Network IPS helps stop malicious Internet attacks before they impact your organization, which is the only effective way to preserve network availability, reduce your burden and prevent security breaches.


Firewalls
MindCentric's managed firewall solutions enable customers to protect their trusted network infrastructure from the Internet. Firewall solutions can be implemented at the perimeter to protect front-end web servers, and/or at the back-end, protecting database and/or application servers.
Our offerings are configured in high-availability, fail-over clusters to ensure maximum site uptime and protection. Firewalls are monitored 24x7 via dedicated redundant Network Operations Centers (NOCs) located within data centers and remotely.

MindCentric fully managed service provides:
• 24x7 full system management and monitoring
• Installation, configuration and change management
• Policy management
• Maintenance (break/fix)
• Hardware, software licenses, upgrades and technical support



Secure Remote Connectivity Services (VPN)
A key component of MindCentric's security is to block access from the Internet to the highly vulnerable server management services - telnet, PCAnywhere, etc. MindCentric provides secure remote access services with industry leading secure Virtual Private Network (VPN) access. Customers can safely manager theirs sites and load content from a remote location anywhere on the Internet. MindCentric uses secure ID token based authentication and IPSEC based VPN connections and is supported 24x7 by MindCentric's NOC staff.

For customers requiring higher bandwidth or site-to-site connectivity there are a number of options. You can have a direct hand from any of the 10 different providers located inside our data center. This means customers have no local loop expense or slow down. MindCentric offers several dedicated connectivity options including fast Gigabit Ethernet, Frame Relay, and site-to-site VPN links. These options give you top performance and connectivity between your remote facilities and your MindCentric-hosted site.


Secure Sockets Layer (SSL) Certificate Management

SSL is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between web servers and browsers remains private and integral. SSL is an industry standard and is used by millions of websites to protect online transactions.

To create a SSL connection, a web server requires an SSL Certificate. The complexities of the SSL protocol remain invisible to your customers. Their browsers provide them with a key indicator to let them know they are currently protected by an SSL-encrypted session; the lock icon in the lower right-hand corner.


Anti-Virus and Advanced Filtering
MindCentric protects customers from viruses, spyware, and other malicious activity with the following:

Content Filtering
Filters malicious content from web and ftp traffic.
Anti-Virus & Spyware
Prevents client infections from web surfing and downloading.
URL Filtering
Blocks access to 20 million+ unproductive websites.


System Security
MindCentric uses quality-controlled installation and configuration processes and procedures to eliminate operating system, web server, application, and database vulnerabilities. For instance, MindCentric closes all nonessential ports and services as a default, and our standards allow customers to customize the configurations of their environment. In addition, MindCentric can ensure that any server for a growing site will have exactly the same configuration as the existing servers.

To protect your system data, MindCentric runs no system with single drives. All systems have a minimum of RAID1. This will ensure all data is protected if and when a hard disc fails.


DATA Protection
MindCentric's Managed Storage Services provide comprehensive high performance and high-availability storage solutions based on HPC SAN technology. These services ensure 24x7 availability of mission critical applications and data to support business analytical processes for data warehousing, mining and auditing. This provides a scalable solution to support customer growth in a heterogeneous environment. MindCentric's dedicated disc backup infrastructure enables us to provide high throughput archiving solutions. We do not us any tape; all backups are done on high performance disc RAID Arrays. This provides the fastest restores, best reliability and constant compatibility. From full and daily incremental backups to secure offsite storage MindCentric gives you the flexibility to meet your data security needs while maintaining a high level of availability.


Security Policy and Enforcement
To ensure security and protection is working at all times, the proper policies must be in place. Most importantly, the policies must be followed and enforced everyday. MindCentric’s policies and restrictions are built into the systems and user access to ensure only authorized personnel are on the system and following procedure. When the authorized users are granted access to the system, it forces them to follow policies and procedures that are built in to prevent any accidental or malicious activities.