• security

Security

  • Security starts at the front door! No getting into our facilities without the right credentials. Once we are in, our electronic badge must have the right access or the doors to the mantrap with the biometric scanners will not open. Now we are into biometric scanning to validate us one more time. From there all movements are tracked on video camera.
  • Network activities are logged with syslog servers and change management software. Our internal and management networks are separate from our customers bringing the highest levels of security. Your environment is on a secure segmented VLAN or if you need we can put you on your own dedicated firewall. Need more? We can help you with more network segmentation or IDS/IPS products.
  • 24-hour Card key access

  • Intercoms and security cameras

  • Biometric hand scanners

  • 24-hour staffed NOC

  • Closed-circuit live monitoring

  • Electronic card control

Compliance

Fortitude Technology is PCI Certified. We undergo annual third party audits ensuring that we are taking the steps to ensure we are doing our jobs, following the standards that are set by the PCI SSC.

PCI Security Standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The Council is responsible for managing the security standards, while compliance with the PCI Security Standards is enforced by the payment card brands. The standards apply to all organizations that store, process or transmit cardholder data – with guidance for software developers and manufacturers of applications and devices used in those transactions.

(SSAE) 16 Statement on Standards for Attestation Engagements is an auditing standard for service organizations, superseding SAS 70. The latter’s “service auditor’s examination” is replaced by a “Service Organization Controls” (SOC) report. SSAE 16 was issued in April 2010, and became effective in June 2011; many organizations which followed SAS 70 have now shifted to SSAE 16.
SSAE 16 reporting can help service organizations comply with Sarbanes Oxley‘s requirement (section 404) to show effective internal controls covering financial reporting.[3] It can also be applied to datacenters, or any other service that might be used in the delivery of financial reporting.

Fortitude Technology will work with you to ensure that your infrastructure and network are meeting the necessary requirements for such regulations as the Federal Financial Institutions Examination Council (FFIEC), Health Information Technology for Economic and Clinical Health (HITECH), Health Insurance Portability and Accountability Act (HIPAA), Data Security Standards (DSS), Gramm-Leach Bliley Act (GLBA), Federal Information Security Management Act (FISMA) & others.