Information Security Our Clients Know They Can Trust
Iconixx uses a layered approach of overlapping controls, monitoring, and authentication to ensure the security of every client’s data, our entire network, and all of our system resources. From our technology to the people who handle your data, earning your trust is at the forefront of your designs and policies.
Data Center Infrastructure
Iconixx operates a Tier IV, 2N data center with compliance for PCI, HIPAA, and SSAE 16 Type II.
All Iconixx building entrances require card key access. In addition:
- Primary computer areas require card key and biometric (IRIScan) authentication.
- More than 200 closed-circuit cameras cover the outside of the building, all entrances, and computer rooms.
- All cameras are taped on time-lapse recorders and stored for 90 days.
- At least two security guards are on-site at any time.
- The guard station is manned 24/7, 365 days a year, inside a bullet-resistant enclosure.
- All monitoring and alarm systems are on a UPS system within guard station.
All Iconixx firewalls are virtualized, with a redundant pair of Cisco firewalls in failover configuration.
Additional Firewall Security
- Host-based Intrusion Detection (HIDS)
- HP OpenView
- GFI LanGuard
- Network Intrusion Detection (NID)
- Common appliance screens all incoming traffic
- Integrated with reports from firewall and device logs
- Event correlation and filtering
Database Layers and Isolation
Operational data schema
- Isolated customer schemas
- Designed and tuned for high transaction volumes
- Two-phase commit and rollback mechanisms
- Configurable and extensible
Reporting and data mart schema
- Separate from live calculations
- Designed for data retrieval performance
- Compensation, workflow, and HR data
- Scheduled, automatic population of schema
Configurable total quota planning software that allows you to create and manage quotas using historical data.
- Application user accounts are managed directly by customers.
- All user passwords are encrypted.
- Password controls include:
- Minimum length
- Minimum number of lowercase characters
- Minimum number of uppercase characters
- Minimum number of symbols
- Password expiration period
- Prior password usage
- Automated password reset
- Automated password reset wait period
- Customer-specific Authentication (encrypted URL parameters)
- SAML 2.0
- On-demand uploads and downloads via application interface
- Web services
- 128-bit encrypted transfers
- Automated file uploads and downloads
- 1024-bit encrypted transfers
- Individual file encryption (like PGP) also supported
Schedule a Free Consultation
Our average activation period is a mere 10 weeks, so you needn’t worry about excessive down time.