Two Step Software is dedicated to providing some of the most advanced technology to ensure that customer data remains secure and available only to authorized users.

Your data is stored in an enterprise-class hosting facility that is engineered to the highest standards for physical, system, operational, and application security, including limited access to confidential information, biometric and surveillance scanning, locking down network systems from the inside, up-to-date patching, SSAE 16/ISAE 3402 Type II SOC (formerly SAS 70 Type II) audits, and ISO 27002 based policies and procedures.

Physical Security

  • Limited access to authorized technicians
  • Biometric scanning for controlled data center access
  • 24×7 security camera monitoring
  • 24×7 on-site staff for protection against intrusion
  • Advanced fire detection and suppression systems
  • On-site diesel generators for continuous power supply
  • State-of-the-art air circulation systems and N+1 redundancy of HVAC systems
  • Physical security audited by independent firm

System Security

  • 24×7 network and application monitoring
  • Up-to-date system patching for application software and operating systems
  • SSL 128-bit Verisign encryption
  • Industry standard Cisco firewall protection
  • Encryption for all administrative and customer traffic
  • High performance bandwidth with real-time monitoring of route efficiency and end-user performance
  • Load balanced applications across multiple servers
  • Database storage in a redundant SQL Server 2008 R2 clustered environment
  • Servers utilizing state-of-the art EMC SAN drives
  • Dell PowerEdge servers configured for automatic failover
  • Distributed Denial of Service (DDoS) mitigation services

Operational Security

  • SSAE 16 (formerly SAS 70 Type II) certified hosting facility
  • ISO 27002-based policies and procedures
  • Daily on-site backups
  • Fully-redundant secondary data center
  • Multiple redundant access points to a Tier 1 fiber carrier
  • System access is logged and tracked
  • Employee background checks
  • Access to confidential information restricted to authorized personnel
  • Secure document-destruction policies for all sensitive information
  • By policy, employees prohibited from accessing private data
  • Two Step claims no ownership of customer data

Comments are closed.