Data transmission and storage security is imperative in the modern enterprise. That’s why we have taken all measures to keep all information appropriately protected.
The data centres used by us are conveniently located around the world. They are behind a number of security clearances, and there’s always a security guard on duty. These services are in compliance with the SSAE16 standard.
Our staff is granted access only in their respective fields and day to day work. They are also required to maintain confidentiality after departure from the company.
MelonCube's management treats stored customer data with the highest level of security and care. Each piece of customer data is treated as personal and in need of standardised protection. We have employed security policies which ensure the safety of the data storage and transmission.
All MelonCube Hosting connections are encrypted with 256-bit SSL protocol and the website is certified by McAfee.
MelonCube Hosting is in the compliance with the following information related security and monitoring procedures:
- Documented and defined security standards and procedures
- Employee confidentiality agreement
- Verification of employees who have access to customer data
- Access to information granted only to management, who need to work with data or servers
- Customer data access is removed immediately on employee departure or relocation
- Training on internal security policies and raising of security awareness
- Physical security of the data centre
Physical security ensured by data centres and hosting provided to and by MelonCube meets the following requirements:
- Secure rooms with at least two access mechanisms, i.e., key-cards, man traps, security guards, and computer room badge-in
- Only authorised employees are allowed physical access to the servers. 24/7 security on-site
- Backups of customer data are stored with limited access and at a securely controlled or commercial off-site location
- The site guarantees additional protection such as uninterruptible power and fire suppression
- Flawed components in the data centre undergo DoD-approved “erase” or “wipe” procedure (if functionally possible) prior to physical destruction
MelonCube supports technical controls to provide protection for its network, systems, and applications:
- MelonCube utilises professional facilities via top tier hosting providers that protect customer data from external threats
- MelonCube maintains individual accountability for employees that can access systems hosting customer data
- MelonCube has documented user account/password management systems for employees with access to systems that are hosting customer data
- MelonCube ensures that individual access to customer data is controlled, i.e., a complex password is required for each individual user
- Customer data is compartmentalised to prevent unauthorised access and separated from the data of other customers
- Access to customer data is protected by hardened passwords rotated on a 90-day basis
- Wireless connectivity to networks or servers hosting customer data is protected using security mechanisms such as EAP, TTLS, TLS, or PEAP
- MelonCube’s data centre has formal security policies and procedures in place that deal with viruses, other malware and related threats
To ensure protection of confidentiality, integrity, and availability of customer data, MelonCube meets the following usage criteria:
- Each user is assigned a unique ID
- User IDs and passwords can be edited at any time
- Passwords must be at least 6 characters long and of a certain complexity
- The application and resulting access to data in the database has based-on-permission controls limiting access to only authorised customers
- Each change of user login status is logged within each application
- All logs are treated as confidential information and access to reports can be restricted using the permission system
- If confidential data, personal data (i.e., names, addresses, phone numbers), or authentication information (i.e., passwords) is transmitted, MelonCube ensures security by employing 256-bit SSL encryption between each component of the communications path
- MelonCube’s security policy assumes customer data retention is permanent and is designed to that standard