Onison: Brilliance in Simplicity
   

Security Diagram  

Our commitment to security is second to none. We ensure a highly secure physical location for our servers as well as secure database and application systems to prevent malicious attacks and interceptions of your data.

 

 

 

 

Click on the image to view a diagram of our server system which includes mirrors, backups and redundancies.

onison Security Information

 

Running application services for thousands of clients is onison's business. While our customers are concerned about security, our very existence depends on it. Thus, onison's commitment to a secure and reliable environment is the top operational priority. onison's security details are reviewed on an ongoing basis by an independent, certified security consultant.

 

Physical Security - onison's fully air-conditioned data center is protected by 24-hour building security monitoring, including CCTV surveillance and recording. Access to the servers is limited using "Mantrap" entry with key card and biometric access authentication, limited staff access and access logging on all key card doors.

 

Power - Our servers are located in a brand new, state-of-the-art facility in a AAA-rated building with dual electrical grid connections from independent substations and internally redundant, bypassable 250 kVA UPS systems. Also in place are a dedicated backup generator with manual bypass to a second, non-dedicated backup generator in the event of generator failure, and a non-service-affecting FM-200® Fire Suppression System with multiple zones, central control, and connectivity to the building fire system.

 

Internet Connectivity – Our Internet connection features fully redundant core switches, routers, and load balancers, utilizing 802.1w rapid spanning tree protocol (RSTP) for split-second failover and high availability. We also provide multiple GigE backbone trunks for fast network performance and traffic spike tolerance, and 24 x 7 environment and network monitoring and response. The network is multi-homed, with BGP-advertised address space, connections to multiple Tier-1 providers, and latency-optimized routing with excellent connectivity to Canada, U.S. and Europe.


Internet Security - onison provides monitoring with detailed FTP, SMTP, and SSH daemon login requests. In addition, ImageDirector machines are protected with a secure firewall. The operating systems are regularly patched to prevent hacking into our systems.


Database Security - onison's database for ImageDirector and Taggon Services has all public ports blocked. The database is accessible from within our network only. PHP connects to an internal database server. Passwords are encrypted to prevent interception. onison searches for illegal user entries and takes precautions against denial-of-service type attacks.
 

After three login attempts, access to the affected account is temporarily closed, and the user immediately receives an email with this information, accompanied by a new password. The administrator receives a copy of the information.

 

In the autosignup process, "secure" and easily memorable passwords are generated.

 

User specific IP restrictions are possible at the level of users as well as at the level of assets through the ImageDirector and Taggon applications and through the databases.

 

Application security – The applications are protected with session control. Without authentication, access to any page is denied.

 

Links to files can be mailed directly or through an email feature, and are randomly encrypted with 32-bit. Only the database knows the true identity of the files. In addition, access to such files can be restricted to users of the system. Alternatively, a warning can prompt the user that the recipient does not have the necessary rights.

 

Backup – The system is incrementally backed up daily and fully each week. The backup tapes are securely stored outside of our building. There are no access rights on those tapes. Only administrators have access to such data. Backups can be provided upon request on DVD. Such a DVD contains a copy of the database information.

 

Logging – Each login, file download, file upload, preview and thumbnail view is logged. Because of the overwhelming amount of data, thumbnail views are not contained in the statistics. All statistical data is kept in the system for three months. Upon request, the data can be stored longer. Current standard statistics allow lists per user, group, CD orders, downloads, uploads, previews, logins, privileges and an ID field of the assets. Administrators have access to a system-wide adminlog.

 

User and asset privileges are not logged by default. Upon request, they can be added to the logging information.

 

SSL – Data encryption can be supported at the Apache web server level through SSL. Upon request, an LDAP routine can be included.

 

 

 

