Security & Disaster Recovery Plan
Security & Prevention
Various precautions have been taken to ensure the safety of our servers, our client’s data and the continuity of our operations. Among these, but not limited to:
- Smoke and fire alarms with an integrated sprinkler system
- Non-combustible construction materials
- Key card required building access
- Password required hardware access
- Multiple onsite data storage
- Offsite duplicate software and data backup servers at a secure, limited access location.
- Uninterruptible power source
- Line conditioner
- Power suppressor voltage regulator
- Firewalls and anti-virus systems to detect and quarantine network-based and host-based malware
Isolated Data Compromise
An isolated data compromise is defined as any circumstance in which a minority of client data is affected either through the failure of software, hardware, or security. In this event, iPROMOTEu (Creative is affiliated with iPROMOTEu) staff would first attempt to salvage compromised data and hardware. If salvage is determined impossible, iPROMOTEu staff would restore the client system using the latest data backup (previous day).
- Downtime: Maximum 3-4 hours in extreme cases.
- Loss of data: Minimal. Less than 24 hours.
Cataclysmic Failure
A cataclysmic failure is defined as any event that would affect all access to iPROMOTEu property, including the hardware and software contained within. In the event of this total loss, iPROMOTEu staff would defer to the offsite backup system before establishing a new main location for operations. Client systems will first be restored using latest data backup (previous day). Full public access (e-Commerce) will then be addressed.
- Downtime: Limited access (distributor only) restored same day. Full access (including public E-Commerce access) restored approximately 48 hours from event.
- Loss of data: Minimal. Less than 24 hours.
PCI Compliance
We understand that compliance with PCI standards is a requirement for every business that accepts credit cards, regardless of your payment processing method. CREATIVE & iPROMOTEu use Global Payments for their security of payment data and are PCI Compliant. You can view more about their services at globalpaymentsinc.com.
Cloud Migration
We do daily backups of our production systems and data to the AWS cloud in addition to a local and offsite backup and we have also migrated our servers fully to AWS (Amazon Web Services). Migrating to the cloud improves our server redundancy and minimizes downtime risk.