We take the privacy and security of your data very seriously. We know that you entrust us with valuable and potentially sensitive information pertaining to your construction projects, workplaces and sometimes even homes. Through a multi-tiered security model and by partnering with best-in-class technology providers, we do our utmost to ensure your peace of mind on issues of information security.
All of our customers and staff access project information by way of a password protected web application. Strong password requirements and optional password expiry policies ensure password integrity.
Your project is visible only to those people on your project team that you choose to have a login issued to. Within a project, further granular permissions can segment content and features by user. And you have full control over who sees any content that you add to our system – share it with the whole project team if you like, keep it private to yourself, or somewhere in between.
Big Company – Small Teams
A fundamental tenet of information security is the ‘principle of least privilege’. This means limiting even our own staff privileges to those which are essential to their job function. Access to your project information is limited to local employees directly supporting the project along with a limited set of central Systems Administrators and Quality Auditors.
Application and Data Security
Data In Transit - TLS/SSL Encryption
All data in transit is secured with 256 bit SSL/TLS encryption with certificates issued by the Symantec Corporation, the most trusted name in cyber security.
Data At Rest
Within our database, password data is hash and salt encrypted to impede brute force or reverse lookup attacks. Even our own admins have no means of decoding your password.
Data Centers and Hardware
Best Available Technology Partners
All of our data is stored in US-based, state-of-the-art data centers owned and operated by Softlayer, an IBM company (http://softlayer.com). Our application and database servers run on dedicated physical hardware within Softlayer’s DAL05 (Dallas, Texas) and SJC01 (San Jose, California) locations. All SoftLayer data centers maintain multiple power feeds, fiber links, dedicated generators, and battery backup to ensure high availability in all circumstances
Data Center Security
All Softlayer data centers have extensive security measures in place including biometric access control and monitoring http://www.softlayer.com/data-centers
Compliance and Auditing
All data centers that Multivista employs meet multiple industry compliance standards: http://www.softlayer.com/compliance. Independent auditors and organizations ensure that Softlayer’s controls meeting the strictest industry guidelines.
High Availability Infrastructure
Our web application runs in a load balanced, high availability cluster. Similarly, the database tier of our infrastructure is set up for automatic failover to a mirror in the event of a hardware failure.
Backup and Disaster Recovery
Disaster recovery planning means that you have thought about what would happen when the unthinkable happens. Multivista has contingency plans for failures ranging from component level, to system level to site level. In addition to database mirroring, full database backups are captured every evening and shipped offsite. With respect to photo and video data, multiple copies of each photo are saved within each file storage cluster. Furthermore, the storage clusters are mirrored between two geographically diverse datacenters to allow us to maintain business continuity in the event of a catastrophic event at a given data center.