Laserfiche WebLink
Chapter 2 — Networking, Security, and Support Connectivity <br />TriTech staff needs direct access to CAD SQL servers (TCP port 1433) with the SQL System Administrator (SA) <br />account. <br />7.4 FILE TRANSFERS <br />TriTech staff needs to have the ability to transfer files to computers running TriTech applications at a customer <br />site. With most customers, TriTech staff is allowed to map drives directly over the VPN connections after being <br />successfully authenticated in the CAD domain. The following ports need to be open to allow file sharing in <br />Microsoft environment: TCP ports 139 and 445, EDP ports 137 and 138. These ports are identified in the <br />Firewall Port Configuration Diagram in Section 5. <br />An alternate, but not recommended method of transferring files is via Microsoft Remote Desktop Connection <br />(RDP). This method is not meant for large file transfers and could significantly delay support efforts (double the <br />time to transfer files) in the case of a critical issue with the CAD system, including CAD down. <br />TriTech has implemented procedures and technology safeguards to limit access to customer systems and <br />customer data. These procedures are described below: <br />8.1 TRITECH PERSONNEL AUTHORIZED FOR SUPPORT CONNECTIVITY <br />TriTech hiring process includes a background check to evaluate individuals who will have access to restricted <br />and highly confidential information, customer records, technology and restricted sections of the building and/or <br />customer sites via physical or electronic means. These individuals are typically members of the Customer <br />Service, Product Management, Engineering, or Project Operations departments. <br />Individuals lacking such approved security access are not provided access to customer login information, servers <br />or devices containing customer data, or sections of the facility where such computers reside. <br />As noted in Section 7.x.x, all Security Authorized personnel must logon to machines utilizing advanced <br />authentication methods prior to initiating a connection to a customer site. <br />8.2 CUSTOMER DATA SECURITY <br />Customer data is entrusted to TriTech Software Systems with the expectation that the data will be managed, kept <br />strictly confidential and disposed of in such a manner as to prevent access by any non-TriTech personnel or <br />non -authorized TriTech personnel. Secure management of customer data is managed according to the following <br />procedures: <br />TriTech has deployed a secure technology infrastructure hosted at secure TriTech corporate facilities. TriTech <br />facilities have the following protection features on site: <br />/ Monitored by security cameras. <br />1 Card key authentication required for building access. <br />/ Alarm system with individual staff access. <br />/ Secure server facilities with limited access (subset of TriTech Security personnel). <br />/ Secure sub -networks for storage of Client data and Client information. <br />The contents of this material are confidential and proprietary to TriTech Software Systems, Inc, and may not be reproduced, <br />published or disclosed to others without the prior written consent of TriTech Software Systems, Inc. <br />©2015 TriTech Software Systems <br />