To ensure the highest performance and availability of our service, Dapresy has partnered with several leading data centers to provide reliable service to its customers. Dapresy servers are geographically distributed across multiple continents worldwide, including data centers in Europe, Australia and North America. Each datacenter that Dapresy partners with provides top industry security measures, and many of them are compliant with various certifications, assurance programs or third-party verifications like: ISO9001, ISO27001, SOC2, SOC3, FIPS 140-2, CDSA, SSAE16, etc. High security data centers utilize electronic surveillance and multi-factor access controls. Data centers are staffed 24/7 by trained security guards, and access is authorized strictly on a least privilege basis. Environmental systems are designed to minimize the impact of disruption to operations. There is 24/7 closed circuit monitoring of all areas, and all entrances are controlled with an access control system to ensure only authorized entry in data centers.
Dapresy Data Center partners have the highest guaranteed SLAs to ensure maximum performance with minimum downtime. Data Centers are connected with MultiplePower Sources and have redundant power supply backup available 24/7. All Data Centers are equipped with Battery UPS Power Backup and diesel generators. Smoke detection and fire protection systems are in place in all data centers, and are specifically designed to protect the servers.
For more detailed information about the data centers, please contact your account manager.
To ensure there is maximum processing power and memory available on all servers, Dapresy uses at least Dual Processor Servers with a minimum of 32 GB and up to 256GB RAM. All our server hard disks are set up with RAID 1, RAID 10 or RAID 5 controller to ensure data safety as well as faster data transfer.
Servers have anti-virus and anti-malware protection and are configured to receive definition updates on a regular basis. Only necessary software is installed on the servers by authorized staff.
All systems are patched with the latest security and critical updates on a regular basis. On multi-tenant environments, the servers and system resources are shared between clients. However, Dapresy also offers dedicated server setups.
Dapresy dedicates a great deal of effort to ensure that one customer cannot see or access another’s data. Customer data is logically protected and segregated in a way that ensures that only a limited number of authorized personnel are able to access it. Strict access control processes have been developed and implemented to support this goal.
Dapresy takes Server Security very seriously. Therefore, security tests are performed after every new major release of Dapresy PRO, which is normally twice per year. These tests include port scans, checking for weaknesses in encryption ciphers, knownWindows and IIS security flaws, checking for application weaknesses against OWASPlist, etc.
From time to time, global clients will perform their own independent security/penetration tests, which Dapresy passes. In the unlikely event of any extraordinary security concern, Dapresy always provides a quick resolution. All application activity is logged, and logs are only available to Dapresy employees with proper access. All server activity is logged by the OS, and logs are only available to server administrators.
Dapresy applies the following server hardening rules:
- Quarterly installation of latest patches via Windows Update
- Guest accounts are disabled
- Servers have external IPs only if necessary
- Use a Strong Password on the Administrator Account
- Rename the Administrator Account
- Set Account Lockout Policy
- Remove All Unnecessary File Shares
- Set Appropriate ACLs on All Necessary File Shares
Server Auditing and Monitoring
In addition to top of the line data centers, server administrators monitor all our servers24/7/365. Dapresy monitors basic and key system indicators, such as disk space, CPU load, network bandwidth usage etc., and preemptively take action on situations whenever possible. Server errors are logged by the OS and used to rectify and inspect problems.
Dapresy servers are monitored and audited by various system and network monitoring software companies like Nagios, PRTG, etc.
Uptime server monitoring is performed by Pingdom AB. This provides Dapresy with uptime/downtime data from a large amount of European and North American countries. A server is flagged as down if two separate Pingdom nodes cannot get a response within 30 seconds, 5 minutes apart.
Dapresy performs backup on both web servers and database servers. Web servers are fully backed up each week with 3 incremental backups every week. Databases are fully backed up weekly, with daily differentials and kept for 8 weeks. Backups are performed off business hours. Dapresy has the possibility to restore backups within 24hours upon request.
All backups are stored on a raided SAN device and secured from unattended access.