Only authorized personnel can access to server room. Other persons do not have access to this room (except for inevitable cases, where the person is accompanied by an authorized person).
The server room is protected by safety door and safety lock. The server room is situated in a secured building which is monitored 24 hours a day.
Each access to our server room is monitored. Any access to data in electronic form is controlled using a complex system of user rights.
No interconnection is allowed with external systems, as these might potentially be exploited to get unauthorized access to confidential data (e.g. systems with limited or less strict access control).
There is a regular yearly revision of applied measurements to control the access and to limit the risks; results of that revision must be approved by the IT manager. Potential problems or imperfections are fixed immediately.
User access to data is recorded (logged). Logging system into production systems and databases must be active in all circumstances.
Apart from records on access to data, the system logs contain every event which could possibly affect system security or data security.
Records on access to data contain at least user identification and access time.
Our fire safety measures ensure the safety of hardware, software and data in the event of fire or other emergency. The server room is equipped with automatic fire detection and alarm systems.
Uninterruptible power sources (UPS) guarantee a continuous supply of electric power to our servers and other network infrastructure in case of power failure. In case of a long-term blackout, a correct shutdown of servers and related hardware is ensured so that no data are lost.
The tolerable temperature in our server room ranges between 18 and 24 °C. The air conditioning unit maintains a steady temperature so that the fluctuation is as small as possible.
Password-protected screensavers are automatically activated on all our computers after 10 minutes of user inactivity. We recommend our clients to apply this precaution, too, but we cannot insist or even check that this is really done.