Published On February 14, 2023 | 5 Min Read
With DreamzCMMS you can focus on maintenance and less worry about infrastructure, scaling, security, and ops. This document is about DreamzCMMS security and compliance to let you know just how safe it is. System is compliant with ISO 27001, PCI Level 1, HTTPS Encryption, DDOS Mitigation, Authentication, Application data snapshots, and more.
DreamzCMMS is deployed on Amazon Web Services which is managed within Amazon’s secure data centers. Amazon continually manages risk and undergoes recurring assessments to ensure compliance with industry standards. Amazon’s data center operations have been accredited under:
Amazon has many years of experience in designing, constructing, and operating large-scale data centers. ISO 27001 and FISMA certified data centers managed by Amazon. AWS Data Centers are state of the art, utilizing innovative architectural and engineering approaches.
FIRE DETECTION AND SUPPRESSION
Automatic fire detection and suppression equipment has been installed to reduce risk. The fire detection system utilizes smoke detection sensors in all data center environments, mechanical and electrical infrastructure spaces.
POWER
The data center electrical power systems are designed to be fully redundant and maintainable without impact to operations for 24 X 7.
CLIMATE AND TEMPERATURE CONTROL
Climate control is required to maintain a constant operating temperature for servers and other hardware, which prevents overheating and reduces the possibility of service outages. Data centers are conditioned to maintain atmospheric conditions at optimal levels.
AWS Data center staff monitor electrical, mechanical and life support systems and equipment so issues are immediately identified. Preventative maintenance is performed to maintain the continued operability of equipment.
FIREWALLS
Firewalls are utilized to restrict access to systems from external networks and between systems internally. By default all access is denied and only explicitly allowed ports and protocols are allowed based on business need.
Security groups restrict access to only the ports and protocols required for a system’s specific function to mitigate risk.
DDOS MITIGATION
We work closely with our providers to quickly respond to events and enable advanced DDoS mitigation controls when needed.
Our infrastructure provides DDoS mitigation techniques including TCP Syn cookies and connection rate limiting in addition to maintaining multiple backbone connections and internal bandwidth capacity that exceeds the Internet carrier supplied bandwidth.
SPOOFING AND SNIFFING PROTECTIONS
Managed firewalls prevent IP, MAC, and ARP spoofing on the network and between virtual hosts to ensure spoofing is not possible. Packet sniffing is prevented by infrastructure including the hypervisor which will not deliver traffic to an interface which it is not addressed to.
PORT SCANNING
Port scanning is prohibited and every reported instance is investigated by our infrastructure provider. When port scans are detected, they are stopped and access is blocked.
DATA SECURITY
Customer data is stored in separate access-controlled databases per application. Customers with multiple applications are assigned separate databases per application to mitigate the risk of unauthorized access between applications.
SYSTEM CONFIGURATION
System configuration and consistency is maintained through standard, up-to-date images, configuration management software, and by replacing systems with updated deployments.
SYSTEM AUTHENTICATION
Operating system access is limited to DreamzCMMS Technical Administrator and requires username and key authentication. Operating systems do not allow password authentication to prevent password brute force attacks, theft, and sharing.
VULNERABILITY MANAGEMENT
Our vulnerability management process is designed to remediate risks without customer interaction or impact.
Our Risk Management Team is notified of vulnerabilities through internal and external assessments, system patch monitoring, and third party mailing lists and services. Each vulnerability is reviewed to determine if it is applicable to environment, ranked based on risk, and assigned to the appropriate team for resolution.
BACKUP OF APPLICATION DATABASES AND CONFIGURATIONS
All application data is scheduled to backup on regular intervals. When required, data can be restored from the last snapshot if data loss occurs.
All application configuration is scheduled to backup on regular intervals. When required, data can be restored from the last snapshot if data loss occurs.
DATA RECOVERY
Restoration configurations automatically restores customer applications and databases in the case of an outage.
ENCRYPTION IN TRANSIT
All the communications between clients and servers are encrypted via industry best-practices HTTPS and Transport Layer Security (TLS) over public networks. TLS is also supported for encryption of emails.
Emails are also Amazon SES powered as service provider with HIPAA-eligible and FedRAMP-, GDPR-, and ISO-certified.
ENCRYPTION AT REST
All customers benefit from the protections of encryption at rest for offsite storage of attachments and full daily backups.
Uptime
Availability is guaranteed with 99.5% uptime by AWS.
Redundancy
DreamzCMMS employs service clustering and network redundancies to eliminate single points of failure. Our strict backup regime ensures Service Data is actively replicated across primary facilities. Most data centers are chosen for low latency.
Disaster Recovery
Disaster Recovery (DR) program ensures that services remain available or are easily recoverable in the case of a disaster.
Enhanced Disaster Recovery
With Enhanced Disaster Recovery, the entire operating environment, including Service Data, is replicated in a secondary site to support service resumption should the primary site become fully unavailable.
Reduce upto 20% on labor and parts through efficient labor and parts planning
20% Cost savings Learn MoreProper utilization of assets leading to increased asset useful life with scheduled and preventive maintenance
Save 15% on Maintenance Learn MoreMeet 100% commitment with proof of completion on AMC agreement
100% commitment Learn MoreEasily maintain information trail with optional blockchain security for meeting audits and statutory compliances
Auditing Learn More