EchoSpan Network Security and Availability

The security of your data is very important to us, as is making certain you can access your EchoSpan tools when you need them. We are committed to investing in industry-leading security and high-availability technologies for our customers. All EchoSpan servers are hosted with Microsoft Azure in Dublin, Ireland with a disaster recovery facility at Rackspace in Dallas, Texas. Hosting in the European Union ensures that our customers' personal data is protected by the General Data Protection Regulation (GDPR).

At-Rest Data Encryption

EchoSpan partners with Microsoft Azure to provide clients with the best in at-rest data security. Information that is stored in EchoSpan's database is encrypted SQL Server's TDE, which encrypts all data using the latest in AES algorithms.

In-Transit Data Encryption

Data being transmitted to and from EchoSpan's web application is secured by Secure Sockets Layer (SSL) technology. This ensures that information passed between the customer's browser and our servers is secure and private. Additionally, each user session is secured with a unique encryption key that is renewed each time the user logs in. This provides extra protection against hackers that might be monitoring a user's browser session.

Intrusion Detection and Prevention

EchoSpan employs an Armor Anywhere intrusion detection system (IDS) to protect its network from malicious site traffic. The purpose of the IDS is to monitor the application's network for suspicious activities and to block requests from computers that it determines are attempting to gain unauthorized access. The IDS is manned 24x7 by industry-certified security experts. Policy violations are reported and dealt with within seconds of detection.

Network & Application Firewalls

EchoSpan's firewall is an Azure-based solution that prevents unauthorized access attempts to the system's network and application. As with our IDS and other security devices, EchoSpan has made a conscious effort to provide more robust network security technologies to protect client data where many competitors choose simpler, cheaper methods of protecting network assets.

Single Sign-On

EchoSpan provides Enterprise Edition clients with complimentary SAML 2.0 single sign-on access for their users. Single sign-on makes EchoSpan access more convenient and secure by allowing your employees to log in using the same username and password combination that they use for your corporate intranet, while never sharing or storing those credentials outside of your organization. Users will then not have to maintain and remember a separate EchoSpan username and password.

Regular Security Reviews

We test our application and infrastructure several times a year for vulnerabilities and performance problems. Regular automated and manual penetration tests are conducted twice a year to ensure that any loopholes in security are detected and remediated. Penetration tests are also performed after every major release of updates to the system.

Regular Load Testing

EchoSpan's application is load tested after major software releases or infrastructure changes to make sure we have network capacity to manage current and anticipated client volume. Benchmarks are set based on maximum client traffic vs. average client traffic to ensure that sufficient bandwidth exists for peak usage. Site traffic is monitored 24x7 with alerts sent to network management any time the system reaches threshold levels.

Redundancy and Multiple Tiers

All EchoSpan systems are redundant. This means that each server running a portion of the EchoSpan system has a "hot" backup ready to take over in the event of trouble. Each application function (database management, application, reporting) is housed on its own set of servers, thereby providing true multiple-tier architecture. Multiple-tier architecture helps balance demands on servers and prevents any one particular component of the application from adversely affecting the performance of the others. A multiple-tier architecture costs more to secure and manage, but provides our customers with the highest level of availability and performance.

Load Balancing

EchoSpan's application servers are load balanced by a hardware load-balancing device. This device routes incoming customer requests to servers that have the most available capacity.

Backups

EchoSpan backs up all client data daily to tape and network. Backups are encrypted and stored off-site.

GDPR-Compliant

EchoSpan is GDPR-compliant company and one of the first in the industry to adhere to its privacy standards.