Laserfiche WebLink
SOLICITATION # CH16012 <br />QTS cloud's Policies are maintained within a biometric secure office located in the Suwanee <br />facility at 300 Satellite Blvd, Suwanee, GA 30024. It is disseminated to all individuals, including but <br />not limited to employees, contractors, consultants, temporaries, and other personnel affiliated with <br />third parties, who use any QTS Information Resource that is owned or leased by QTS. This policy <br />is consistent with QTS's mission and functions and with applicable laws, directives, policies, <br />regulations, standards, and guidance. <br />The previously mentioned artifacts are disseminated via a centralized secure document repository <br />among all QTS cloud's personnel who have any service operations or service delivery role for <br />QTS cloud's IaaS offerings system environments, and is to be individually or by group reviewed <br />semi-annually, especially by any personnel who have administrative access. <br />QTS can provide its Information Security Policies as required: <br />• IT_POL_03_System_and_ Communications_Protection_Polic 0.2—1/17/14 <br />SAP <br />Ariba <br />We are committed to the security and integrity of customer information. We <br />utilize security measures to protect against the loss, misuse or alteration of the <br />information under our control. To prevent unauthorized access, maintain data <br />accuracy, and facilitate the correct use of information, we have put in place <br />appropriate physical, electronic, and managerial procedures to safeguard and <br />secure the information we collect within the solution. <br />Fieldglass <br />Please see the Fieldglass Security and Hosting Overview provided in the <br />Supplemental Information section of this response. <br />Hanna <br />Communication between data centers is via VPN or MPLS; VPN is encrypted <br />by default and MPLS can be encrypted as well. <br />Internet facing customer systems are protected by perimeter protection <br />systems using technologies such as web application firewall (WAF) or <br />intrusion prevention systems (IPS). Perimeter protection systems operate by <br />monitoring traffic and blocking attaches towards SAP HANA Enterprise Cloud <br />customers stems. <br />Hybris <br />Both IDS and IPS are included the SAP Hybris Commerce, Cloud Edition <br />The security infrastructure includes firewall security and hardened security <br />policies on all servers. Log management procedures are in -place for log <br />review for firewall, applications, network devices, including file -integrity <br />management. SAP Hybris utilizes technologies from leading security firms for <br />Log Management and File Integrity Management. SAP Hybris employs two - <br />factor authentication across its network. SAP Hybris undergoes vulnerability <br />and penetration testing. SAP Hybris validates against requirements for PCI <br />DSS 2.0. <br />The infrastructure also includes Web Application Firewalls and DDoS <br />Mitigation Services. <br />In addition, security policies and change management policies are in -place <br />ensuring that all access and changes to customer systems and information is <br />accessible only by SAP Hybris staff with access authorization. <br />Security of the software application which is controlled by the Customer (or its <br />implementation partner) remains the responsibility of the Customer. <br />SuccessFactors <br />Technologies and measures used to help protect the security of customer <br />data include: <br />Redundant firewalls in a dedicated environment <br />Network intrusion detection to help guard against attacks by monitoring all <br />data center traffic around -the -clock and notifying operations and security <br />teams in the event of an imminent threat <br />Vulnerability scanning to proactively test internet-connected web servers by <br />searching for weaknesses in the same way that a hacker would <br />carahsoft 63 carahsoft <br />