Packcity - Outdoor

  • FAQ

    An HIDS (Host-based Intrusion Detection System) (OSSEC) is used to protect the Packcity server against installation of unauthorized software. On Neopost workstation and Windows
    servers, Kaspersky antivirus is also used to scan the application against virus or malicious Software. Antivirus is automatically updated.

    Manage through Active Directory policy application. Strong password with at least 8 characters with 1 upper, 1 lower, 1 number, 1 non-alpha. Renewal all 90 days. Keepass tool is used to store in a secure way passwords.

    Client data is stored in a secured sub network (MZ), which is not accessible from WAN, but only from web servers (DMZ).
    Direct access to database is restricted and can be done only by authorized staff.
    Neopost guarantees and commits that customer data are not used for any business or any Marketing purposes.

    Physical data center access is only restricted to authorized employees. All employees who need data center access must first apply for access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. Requests are reviewed and approved by authorized personnel, and access is revoked after the requested time expires. Once granted admittance, individuals are restricted to areas specified in their permissions.

    All equipment is checked upon arrival. Visitors are screened upon entry to verify their identity, and in shared situations, are escorted to their appropriate locations.
    We also restrict personnel access to all hypervisor management functions or administrative consoles on the principle of the least privilege.

    The application server and database are backed up nightly to an external site. Backups are not
    encrypted.
    RTO (Recovery Time Objective) = 4 hours.
    RPO (Recovery Point Objective) = 24 hours.

    More FAQ's...