Spang Technologies implements a set off comprehensive measures and procedures to ensure business continuity and reliability.
A dedicated IT department is responsible for Infrastructure Engineering, Infrastructure Change and Release Management. Responsible people are informed about all significant events concerning the functioning of the information infrastructure on the 24x7 basis by using mobile phones with Email2SMS service enabled.
We have more than 300 Intel P4 (Core 2 Duo) and Apple Macintosh workstations and 30 servers in our four datacenters located in Minsk. All our datacenters are equipped with efficient air conditioning, fire protection and UPS power protection systems. Each server is built on the RAID technology (Level 1 or Level 5 controllers are used).
Internet Redundancy and Data Exchange
Reliable Internet connection is provided via two independent data links with the bandwidth of 4 and 1 Mbps. The connection between the datacenters is provided via fiber-optic links with the bandwidth of 1Gbps. Reliability of power supply is ensured by the presence of 3 separate and independent power feeders at every datacenter and by the usage of high-performance UPSes. Internal information infrastructure includes 20 HP ProCurve switches, 1 Cisco router and a set of telephony equipment (hardware (Coral) and IP (Asterisk) telephone stations, 200 telephones and 5 GSM gateways).
Network Services Reliability
Failover capabilities are implemented for the main network services, such as Mail, DNS, Internet Access, Active Directory and development servers. The Mail Server backup is performed via two backup servers, one located in Europe and another in North America. This mechanism ensures that no incoming and outgoing mail is lost.
We have developed a number of documents covering our Security Policy: General Network Usage Policy, Sensitive Information Encryption and Exchange Policies. General compliance with our security policy and regulations is ensured by the usage of logon scripts and Group Policies.
We perform careful security checks of every person that is applying for a job. Confidentiality Agreements are an important part of the security system and every employee we hire is to sign such an Agreement. All the security-related cases and incidents are tracked and resolved by Department Managers. We inform all the people we hire about the Company's security standards and keep this knowledge up-to-date by organizing special training programs on regular basis.
Physical Security and Access Control
We imply a multi-level access control system. On the first level our security service is checking our employee's ID-badges to ensure they are authorized to access the building. The next level of access control is based on the usage of electronic cards, each possessing unique radio metrics, that are given to every employee that is authorized to access the floors of our buildings. We have installed effective video monitoring and alert systems in our offices and have arranged Governmental Security Service's (Police) protection of our property. The access control system is managed from one central control point, though each datacenter's security system is independent.
Customers Data Protection
We understand that security of our client's data in number one priority for our business. We use 256 bit AES algorithm for traffic encryption and 2048 bit public/private keys pair for authentication purposes. Sensitive data is exchanged via SFTP server and PGP is used for emails encryption. This way compliance with the ISO standards for information security is provided. We also strictly follow all the governmental rules and regulations for emergency issues.
For development purposes we use virtualization technology which enables us to build a separate operational environment for each project and thus increase resource allocation flexibility and effectiveness. This technology is based on the usage of VMware Server 1.0, VMware ESX Server 3.0 and VMware Infrastructure for project monitoring.
All the processes are constantly monitored by the administrative team and vital information on all the important changes and incidents is tracked and logged via Syslog Server for future audit.
The Information Life Cycle Management (ILM) process we have developed at Spang Technologies includes a set of data protection and other security-related activities. A special data recovery scenario is presupposed for each kind of potential data loss situation (e.g. hardware or software failure, computer virus, human mistake, etc.). The process of backup copies creation is regulated by the Backup Process Plan.
Effective backup procedures are ensured by a number of physically distributed backup locations Spang Technologies has in its offices in Minsk, dedicated servers in several countries of the world and high level of encryption of backup data.