Get Started
Total Expert, Inc
Open Nav

Security

Committed to Safeguarding Your Data

Security is our priority

We believe nothing is more important than protecting our customers’ data. We encrypt all data from login to logout, holding ourselves to the highest encryption standards.

We’d like to explain how we store, process and secure that information.

Data centers

You will always be up and running. Total Expert’s products run on best-in-class infrastructure at Rackspace data centers.

Each Rackspace data center is restricted by biometric authentication, keycards, and constant surveillance. This helps ensure that only authorized engineers have access to routers, switches and servers.

Rackspace’s power systems deliver conditioned power while protecting against sags, surges, swells, spikes and electrical noise. Uninterruptible power supplies (UPS) provide instant failover for continuity during a power outage, with on-site diesel generators prepared for extended outages.

Rackspace also has redundant HVAC systems for immediate failover. Additionally , heir robust network includes nine backbone providers, allowing traffic to shift as needed to guard against single points of failure.

Total Expert Secure Servers

Rackspace maintains security certifications with:

  • SOC1
  • SOC 2
  • SOC 3
  • ISO 27001
  • ISO 27002
  • PCI-DSS
AICPA Certified

Network Security

Your data is protected at all times. We take multiple steps to prevent eavesdropping between systems, as well as within our infrastructure.

All network traffic runs over SSL/HTTPS, the most common and trusted communications protocol on the internet.

Security Operations

We are always on the lookout for breaches and system interruptions. We’ve invested in detecting and responding to security events and incidents that impact infrastructure.

Security operations at Total Expert is responsible for ensuring the following:

System Security

Our virtual systems are replaced on a regular basis with new, patched systems. We’re relentlessly updating our systems to protect your data.

System configuration and consistency is maintained using a combination of configuration management, up-to-date images and continuous deployment.

Penetration Testing

Even though we’ve designed secure systems and procedures, we perform regular security tests to identify and remediate potential vulnerabilities.

We also conduct periodic penetration tests with an expert third-party vendor to help keep our applications safe and secure. These tests cover network, server, database and White Box testing for vulnerabilities inside Total Expert applications.

Logging

Logging is a critical component to Total Expert’s infrastructure. Logging is used extensively for application troubleshooting and investigating issues. We collect everything to form a complete audit trail of user activity.

Application Level Security

We separate the database instances from application servers physically, and believe in the mantra of single­ function servers.

All login pages pass data via SSL/TLS for public and private networks, and only support certificates are signed by well­-known Certificate Authorities (CAs).

All email and CRM credential­-related data is encrypted while in transit using military-grade encryption.

Total Expert application passwords are hashed and even our own staff can’t retrieve them.

Data Protection, Continuity and Retention

Production data is mirrored to remote systems and automatically backed up daily to an off­site location.

We test our recovery procedures regularly by restoring from backup and simulating recovery of a production database.

Our backup retention varies by function and business impact, the minimum backup retention for all systems is seven days and goes up to 90 days.

Our production applications are deployed in multiple locations which can sustain the loss of an entire data center in a region.

Internal IT Security

Total Expert offices are protected behind network firewalls from well­-known security vendors and secured by keycard access.

Collaborative tools like email, document shares and calendars require two­-factor authentication to mitigate phishing attacks.

Critical infrastructure passwords are locked in a virtual vault using AES­256 encryption and can only be accessed by specific professionals within the organization.

©2016 Total Expert Inc. All Rights Reserved. Powered by Total Expert