System Architecture and Security
The multi-tenant AOD architecture is built on a J2EE platform and includes a combination of open source and custom components.
The application is designed to handle massive datasets with rapid responses to system requests in spite of heavy loads. AOD utilizes several techniques to ensure excellent and consistent performance.
In many cases the greatest threat to data security is not external hackers, but rather internal employees with access to systems. We have taken several steps to control the physical access to our systems, including:
All of our data systems reside in SAS 70 Type II facilities.
- 24/7 video and audio surveillance
- Stringent Background Checks on all employees
- Highly secured building
- Natural Disaster resistant building design
- N+1 Cooling and redundant networks
We have architected this system to be secure from outside intrusion. Multiple controls, layers and processes have been put in place including, but not limited to:
- Managed Firewalls
- Multi-tiered Security and Authentication Policies
- Biometric two-factor security
- Compliance with industry-standard best practices
- UI-based SSL w/multi-tiered authentication
- Managed Compliance to ensure systems comply with privacy regulations
- Managed Intrusion Detection
- Security Assessments
We also work with Axxera, a leading software security firm, to ensure the availability of the networks, intrusion detection and conduct forensic analysis of any attacks. The AOD portal runs via an SSL connection to insure that data is always transferred via a secure socket and encrypted The portal is protected with two-factor biometric keystrokes as well as the conventional user id and password. This technology ensures that only the actual person can authenticate based on their credentials as well as keystroke rhythm.