Security Details Description
Physical Security
Our production equipment is located in Los Angeles, CA at a facility
that provides 24-hour physical security, palm print and picture
identification, redundant electrical generators, redundant data
center air conditioners, and other backup equipment designed
to keep servers continually up and running.
Perimeter Defense
The network perimeter is protected by multiple firewalls and
monitored by intrusion detection systems — all sourced
from industry-leading security vendors. In addition, SolidSource
monitors and analyzes firewall logs to proactively identify security
threats.
Data Encryption
SolidSource leverages the strongest encryption products to protect customer
data and communications, including 128-bit Verisign SSL Certification and
1024-bit RSA public keys. The lock icon in the browser indicates that data is fully
shielded from access while in transit.
User Authentication
Users access SolidSource only with a valid username and password combination,
which is encrypted via SSL while in transmission. An encrypted session ID cookie
is used to uniquely identify each user. For added security, the session key
is automatically scrambled and re-established in the background at regular
intervals.
Application Security
Our robust application security model prevents one SolidSource customer from
accessing another's data. The application security model also includes role-based
security for accessing relevant information within the application. This security
model is reapplied with every request and enforced for the entire duration
of a user session.
Internal Systems Security
Inside of the perimeter firewalls, systems are safeguarded by network address
translation, port redirection, IP masquerading, non-routable IP addressing
schemes, and more. Exact details of these features are proprietary.
Operating System Security
SolidSource enforces tight operating system-level security by using a minimal
number of access points to all production servers. We protect all operating
system accounts with strong passwords, and production servers do not share
a master password database. All operating systems are maintained at each vendor's
recommended patch levels for security and are hardened by disabling and/or
removing any unnecessary users, protocols, and processes.
Database Security
Whenever possible, database access is controlled at the operating system and
database connection level for additional security. Access to production databases
is limited to a number of points, and production databases do not share a master
password database.
Server Management Security
All data entered into the SolidSource application by a customer is owned by
that customer. SolidSource employees do not have direct access to the SolidSource
production equipment, except where necessary for system management, maintenance,
monitoring, and backups. SolidSource does not utilize any managed service providers.
The SolidSource Systems Engineering team provides all system management, maintenance,
monitoring, and backups.
Reliability and Backup
All networking components, SSL accelerators, load balancers, Web servers, and
application servers are configured in a redundant configuration. All customer
data is stored on a primary database server that is clustered with a backup
database server for redundancy. All customer data is stored on disk storage
that is mirrored across different storage cabinets and controllers. All customer
data, up to the last committed transaction, is automatically backed up.