Posts Tagged ‘Data Security’

RFID In Our Everyday Lives Outside of Inspection and Safety Compliance

Friday, November 5th, 2010

RFID seems to be sneaking into our everyday lives more and more these days.  Below are three RFID applications that show us RFID is going mainstream.

Border Control

Nexus Card

I now officially carry around an RFID tag most of the time (no, I am not wearing an Evotech harness around); I applied for a Nexus card.  For those of you who don’t know, the Nexus program is a “trusted traveler” program that allows residents of Canada and the US to cross the border quicker than usual.  When driving over the border, I hold up my RFID card and point it at a reader.  An LED display then shows the number of cards scanned in the car.  What’s really neat about this program is the fact that identification is performed by an eyeball scan when crossing airport security.

Portable Computing

iPhone

It has been rumored that the next iPhone (the iPhone 5) will have NFC ability.  NFC stands for Near Field Communication, and is a type of RFID.  I recently read on Boy Genius that the NFC may be used to support portable computing.  To be clear, this could mean that your iPhone will store information about your user profile on your Mac.  When you wave your phone near another NFC-enabled Mac, your settings about applications and some data are copied to the other device.  It will be like sitting at your computer at home, even though you’re out.  Instead of using VNC, you would just need your phone.

If NFC becomes more popular in smart phones, this will be a huge step forward to making RFID as accessible as barcodes.

The Benefits of Using Software as a Service for Safety Inspection – Part 2 of 2 – Operations

Friday, June 25th, 2010

In my last post, I discussed the financial benefits of Field ID’s Software as a Service model.  There I showed how SaaS offers a lower total cost of ownership and quicker return on investment.  But that’s only half the story.  Today I will highlight another advantage of SaaS: the operational benefits.

Access Anywhere

On-site software is typically deployed behind the firewall in your corporate network.  This deployment is important since it keeps the data private and secure.  It does, however, come at the price of remote accessibility.  IT departments use a number of tricks to allow remote access (VPNs, NATs, etc.) but each solution is a compromise between how open (and easy) that access is, and how secure your data is.

Field ID offers secure, ubiquitous access.  There’s no need to compromise.  Access your safety inspection information from anywhere, and do it securely.  All you need is an internet connection.

No need to involve IT

A common concern among many organizations is the need to involve IT in the purchasing decision.  When purchasing software, a number of questions arise when involving IT: How much hardware do we need?  Who will be responsible for managing and maintaining the hardware and software?  Whose budget will all this come out of?  This level of coordination can turn a small project into a complex one.

Since Field ID is simply delivered to you as a service, there’s no need for IT involvement.  No hardware to buy and provision, nothing to manage.

No more software maintenance

Keeping software running and up-to-date is always a challenging task.  There are patches and version upgrades, hardware maintenance such as hard drive and memory replacements, and operating system security patches.  Finally, you need backups to keep everything safe.  This constant maintenance is costly to an organization and takes time from the issues you really want to be concentrating on.

Software and hardware maintenance should not be your problem.  With Field ID, you buy a user account and we provide you with a fast, stable and secure application.

Between the financial and operational benefits, I hope you can see why I’m so passionate about software as a service.  As a CTO, I buy SaaS whenever I can.  For example, our issue/feature tracking, source code repository and document sharing are all provided to us as a service.  In fact, there’s very little software that we manage internally.  This allows my development and IT teams to focus entirely on our core task: providing you with the best Inspection and Safety Compliance Management solution in the industry.

How Secure is your Safety Inspection Data? Part 4 of 4 – Availability

Thursday, June 3rd, 2010

So we’ve come to the last post in my 4-part series on data security.  Here’s a quick recap of what we’ve seen so far:

  1. Security:  Is my safety and inspection data private? Absolutely.  Field ID leverages a mix of cutting-edge system, application and data center security practices to provide you with the highest level of security possible.
  2. Integrity:  Is my safety and inspection data safe from failures in hardware, software and humans? Definitely.  Field ID keeps your data safe using a comprehensive integrity strategy, including redundant storage and offsite backups.

Today we discuss our final topic:

Availability: Can I access my safety data when and where I need it?

Data security and integrity are both important principles; however, they are of little use if you can’t access your data.  Availability comes down to one main concept: fault tolerance.  In a fully fault-tolerant system, any component can fail and the system will continue working.  This sounds similar to the Integrity concept discussed previously, but it has a different focus.  Integrity is focused on ensuring recoverability in the event of a total catastrophe.  Availability focuses on preventing catastrophes from happening in the first place.

100 Percent Uptime

To show how Field ID is keeping your Safety and Inspection Data online and available all the time, we need to take another look at our hosting partner Rackspace.  In order to offer you the highest availability possible, Field ID needs a hosting provider that conforms to the highest standards in uptime.  Rackspace not only achieves this, they guarantee it with their 100% Network Uptime Guarantee.  Let’s take a look at how they make this guarantee possible:

Network

  1. Partnered with 9 different network providers, allowing for the failure of multiple providers without service interruption.
  2. Fiber cables enter the data center at separate physical locations.  This protects against the accidental severing of fiber lines during construction.
  3. Network monitoring and alerting is deployed for real-time network status information.
  4. Network is provisioned so that it is always ahead of capacity.

Power

  1. Redundant Uninterruptible Power Supplies.  In the event of a blackout, server and network power fails over to UPS.  UPS’s are themselves redundant, protecting against UPS failure during a power outage.
  2. Backup generators allow for continuous power during long blackouts.
  3. N+1 Redundancy.  This means that every component in the system has a backup.  Servers have multiple power supplies, taking separate paths to different power distribution units, connected to separate UPS’s.

These practices all sound great on paper, but the proof is in the pudding. Over the past year, Field ID has experienced less than 1 hour of unscheduled downtime.  This equates to an availability rating of 99.99% uptime! This is among the highest in application availability in the industry.

Thanks for tuning in.  This concludes my 4-part series on data security.  I hope you see now just how committed Field ID is to keeping your Safety and Inspection Data secure, safe and online.

How Secure is your Safety Inspection Data? Part 3 of 4 – Integrity

Friday, May 28th, 2010

Last time we took a look at the security of your Inspection Data in Field ID. Today, we’re going to take a closer look at part 3 of my 4-part series: Integrity.

Integrity: Is my data safe from failures in hardware?

In the world of safety compliance, there is one truth we are all acutely aware of: hardware fails.  The same is true for IT.  A myriad of components make up the systems that serve Field ID.  These are the hard drives, processors, memory and other parts that store and process your data.  With all these components, how do we protect against data loss in the event of a failure?

Redundancy:

Redundancy is simply having duplicated components serving the same purpose.  When your components are duplicated, a failure in one allows the system to switch seamlessly over to the secondary.  All of our servers at Field ID use high-availability redundant storage. Our redundant storage strategy leverages a mix of Network Attached Storage (NAS) and Redundant Disk Arrays.  These technologies allow for the failure of multiple hard disks at the same time without loss of data.  Our database servers take it one step further, leveraging battery-backed disk controllers.  This ensures data integrity in the event of a loss of power to the server.

Backups:

Backups are key to any data integrity strategy.  They provide a point-in-time snapshot of all your data which can be recalled in the event of an emergency to rebuild the entire system.  All data stored within Field ID is backed up nightly.  Backing up your data provides protection against failures within the data center; however, this strategy is insufficient to protect against larger disaster scenarios.  What happens if the media holding the backups is damaged?  What happens if the data center is destroyed?  This is where backup replication becomes essential.  Just as we create redundant system parts to avoid total failure, backups must be made redundant as well.  To achieve this redundancy, all backups are replicated to our office in Toronto.  This places the backup data in multiple locations which are physically separated by a significant distance.  Recovery from these backups is tested frequently to ensure data is consistent and complete.

As you can see, our data integrity solution provides comprehensive coverage in even the worst case scenarios.  But backups and redundant storage are just the last line of defense.  Equally important is ensuring the systems don’t go down in the first place. Stay tuned for next time when I discuss the last topic in this series: Availability.

How Secure is your Safety Inspection Data? Part 2 of 4 – Security

Friday, May 21st, 2010

In my last post, we discussed the security of your Safety Inspection data.  There, I gave a brief overview of the broad field of Data Security and established a definition of the problem.  To reiterate, here are the three main concepts of Data Security:

  1. Security:  Is my safety and inspection data private?
  2. Integrity:  Is my safety and inspection data safe from failures in hardware, software and humans?
  3. Availability:  Can I access my safety and inspection data when and where I need it?

Today, we will take a closer look at the first topic:

Security:  Is my Safety and Inspection Data Private?

At Field ID the security of your data is our highest priority.  We take special precautions in everything we do to ensure your information is safe in our hands.  Here are a few of the ways we’re keeping your inspection data out of harm’s way:

Server and Data Center Security

Rackspace

The home of any software-as-a-service application is the data center.  The data center stores the servers and the servers store your data.  Protecting the server and the data center is the first step towards providing a safe environment for information storage.  To accomplish this task, we turned to our hosting partner: Rackspace.  You may be wondering “Why Rackspace?  Why not host it yourselves?” Well, because they’re the best.  Rackspace is a public company with 10+ years of experience providing highly secure systems.  Here’s an analogy: To keep my money safe, I don’t put it under my pillow.  I take it to the bank whose core business it is to protect it.  Let’s take a quick look at what makes Rackspace the right choice for protecting your data:

  1. Certifications: Rackspace is SAS 70 Type II, PCI and SOX compliant.  These certifications verify that the proper processes and procedures are in place to ensure your data is being managed safely.  PCI is of significant importance as it defines a set of requirements specifically geared towards server, network and data center security.
  2. System management practices: All systems in use by Field ID have been security hardened and penetration tested.  This ensures each system has been configured to the highest standard of security.
  3. Data center security: The Rackspace data centers are secured by security cameras, biometric scanners and 24×7 security staff to ensure unauthorized access is impossible.
  4. Monitoring and Alerting: All systems are heavily monitored 24/7 for health and status.  Intrusion detection is deployed to catch those attempting to gain access.

Application Security

Protecting the server and data center is only the first step to ensuring your data is secure.  The Field ID application is designed as a secure data warehouse facility.  Much thought and engineering goes into making the Field ID system secure for your data.  Here are some of the ways we make Field ID secure:

  1. Encryption: All communications between your computer and the Field ID server are protected via SSL encryption.  This ensures the safety of your data while in transit.
  2. Data Partitioning: At the core of Field ID is our security engine.  This ensures your data is kept separate and private from other users of our system.  It also protects against malicious users attempting to gain access to your data.
  3. Best Practices: Field ID is developed with industry-standard best practices in mind.  These best practices keep us up-to-date on the latest techniques for application and data security.
  4. Testing: Prior to each release, Field ID goes through a vigorous and exhaustive testing procedure to ensure security is being maintained in all areas.

So these are just a few of the things Field ID is doing constantly to make sure your data is safe.  I hope you’re beginning to see just how much thought and effort is put into the safety of your information. Stay tuned for next time as we’ll talk about our second topic: Data Integrity.