It’s constantly on the news, every week there is a new breach of security, another website is hacked, another company's data is compromised. Companies are under constant strain to improve security, and nearly all of us have information, documents and data that is stored online. Many of us don't even think about the risks and potential impact on our personal information, but for organisations it is a priority to ensure the security of our clients information and data. No one wants to be the next to be breached!
Now, morbid scenario’s aside, what's the truth about Cloud Technology for businesses? It’s a constant challenge posed at companies that provide Cloud Solutions. The argument normally comes from on-premise solution providers, claiming the security of Cloud Technology is more easily compromised than that of an on-premise solution.
The truth is we can't speak for any other solution other than the one we use. I would love to paint a lovely picture of “Cloud Technology is always safe”, but I can’t. We can only speak about the solution we provide, and we are more than happy to be able to provide a better insight into NetSuite’s security as the transparency and information provided is down right impressive!
So here are the facts! From on site security at data centres to application security, we hope to shed some light on the truth about NetSuite’s attention to detail when it comes the security of your data.
Facts about NetSuite’s Data Centre Infrastructure
- Redundancy: Many layers in the NetSuite system implement multiple levels of redundancy. This design allows one or more elements to fail without any interruption in service by having multiple, redundant systems online to automatically assume processing on behalf of the failed component.
- Disaster Recovery: Depending on where your business is based (EMEA or USA) your data is kept and replicated across two data centers, either California and Massachusetts, or Dublin and Amsterdam. Data in both data centre's is replicated and synchronised by way of a proprietary replication mechanism built in house. In the event that the primary data centre fails, all operations fail over to the secondary data centre. This failover procedure is tested and proven on the live site twice annually. The failover procedure is automated and can be triggered in push button fashion. NetSuite has operations engineers geographically distributed from each other, as well as the data centres in order to be able to execute a failover in any disaster scenario.
- Scalability: As of January 2014, trailing 12 months, NetSuite supports over 20,000 organisations with over 6 billion customer requests per month. NetSuite has designed its systems to accommodate surges and spikes in usage, and to scale upward smoothly to address increased volume and transactions.
- Encryption: Transmission of users’ unique ID and passwords, as well as all data in the resultant connection, are encrypted with industry standard SSL.
- Application-Only Access: The system is divided into layers that separate data from the NetSuite application itself. Users of the application can only access the application features, and not the underlying database or other infrastructure components.
- Role-Level Access and Idle Disconnect: Customers can assign each end user a specific role with specific permissions to only see and use those features related to his or her own job. There is a complete audit trail whereby changes to each transaction are tracked by the user login details and a timestamp for each change is provided. The system also detects idle connections and automatically locks the browser screen to prevent unauthorised access from an unattended computer screen.
- IP Address Restrictions: Restrictions on accessing a NetSuite account from specific computers and/or locations can be enforced. This is very useful for customers who are concerned not only about who is able to access their NetSuite account, but from where they access it as well. This feature significantly reduces the risk of unauthorised third parties accessing a user’s account.
- Robust Password Policies: NetSuite offers fine-grained password configuration options, from the length of the user’s passwords, to the expiration of a user’s password at any time frame they desire. Customers can set up strict password policies to ensure that new passwords vary from prior passwords, and that passwords are complex enough to include a combination of numbers, letters and special characters. Accounts are also locked out after several unsuccessful attempts. For customers who desire a higher level of access control, NetSuite offers multi factor authentication using a simple physical token. In addition to entering their own passwords, users must possess physical tokens that generate random one-time passwords. These cryptographically robust passwords prevent key loggers, shoulder surfers, phishers and password crackers from accessing a user’s account.
We could go into more information about the security around access to the physical data centres, the continuous monitoring of their network, and more. Though for this blog, we want to paint a picture of the attention to detail in maintaining your security, and the security of your customers and clients.
The reality is NetSuite is the world’s largest cloud ERP vendor, supporting over 20,000 organisations, processing over 70 billion requests per year, investing over $38 million in R&D annually, and having greater than 4 million unique logins per quarter. NetSuite also has a track record since 1998 of maintaining the security of their customers’ records. This is an impressive track record indeed.
Hopefully this answers some questions, and sheds some light on NetSuite's Cloud security. Like we said, as far as other solutions go, we can't really speak for them, but we can speak for NetSuite, and we are proud to represent a solution that is meticulous about security, client privacy, and overall protection for individual organisations.
FREE Data Center Fact Sheet
If you would like a more in-depth view of NetSuite security, simply enter your details below to download the NetSuite Data Centre Fact sheet FREE.