Thanks to over twenty years experience of simultaneously managing multiple projects involving several customers, MGRD has been able to set up a strategy of global data security based on meticulous risk assessment. Aware, in fact, of what might occur in the case of important data finishing in the wrong hands which, in turn, might be lost through theft, disasters, malware, hackers, etc., our approach regarding data security is outlined below.

In addition, it should be pointed out that our personnel has been appropriately trained in this field and, at the customer’s request, we are able to run, together with specialised data security companies, penetration tests to identify potential critical vulnerability points and take any necessary remedial action.

Information & Communication System:

  • Shared Trust Zone network
    • Highest security and Data separation
      • Isolated sub-networks
      • Internal connection for shared systems and services
      • Customer with direct connection to home LAN
      • MGRD network services shared to authorized user and computers
      • High availability & Fast network services
    • High speed LAN – LAN 1Gb
      data security
  • Information Security & Policies
    • Data management
      • Data allowed on Data vault or database only.
      • Local storage locked
      • Internet access restricted to specific users, services and sites.
    • Provisioning
      • Every manager requires authorization for it’s own users
      • Standard Application uses Domain Level Authentication
      • Specific Application requires a second Application Level Authentication
    • DE provisioning
      • Managers communicate “ANY” user demission
    • Physical
      • Locked access to Server Room
    • Logical
      • Perimeter Network (DMZ)
      • Firewall with double internet connection for high availability
      • User or Standard Zone
    • Authentication
      • Domain controllers
      • Windows Logon caching
    • Low User privilege
      • User cannot install or remove applications
      • User cannot change driver and system configuration
      • User cannot change network parameters
      • User cannot USB and writable devices
    • Antivirus & Anti-spam
      • Centralized and daily updated
      • Real time control
    • Patch and Updates
      • Centralized update for Operating System and Main application
  • Conferencing & Collaboration Tools
    • Mail
      • MGRD server with Antispam
      • Accessible from mobile
      • Accessible from internet
      • Customer dedicated Mail server – no internet access
    • Calendar
      • User
      • Shared to the group
      • Customer dedicated
    • Videoconference and Chat
      • Skype
      • Webex
      • Video Conference over IP
      • Any Customer WEB collaboration tools (TeamViewer, LiveMeeting etc.)
      • MS Lync/ Communicator
  • Data Availability
    • Backup
      • Hot backup on databases
      • Hourly and weekly with snapshot and restoring on user side
      • Monthly on centralized tape library
    • Power Supply
      • Server Rooms has privileged power line connected to power infrastructure with backup power supply for about 4-6 hours
      • All data and application on Vmware and fully redundant server and NAS
    • Other Services
      • All main network services are equipped with high availability systems to guarantee the business critical activities, monitored by Mail and SMS alarm for any configurable issue