The ENCON Group Inc

The ENCON Group Inc

<p> ENCON Group Inc. 500-1400 Blair Place Ottawa, Ontario K1J 9B8 Telephone 613-786-2000 Facsimile 613-786-2001 Toll Free 800-267-6684 www.encon.ca Application Addendum Information Technology Security</p><p>The purpose of this questionnaire is to establish what security measures are in place to prevent hardware/software/network losses. Maintaining continuity of services is the primary risk exposure. Situations that can cause an interruption of business are unauthorized intrusion (hackers), fire, power shortage, software/hardware failure, etc.</p><p>1. Name of Applicant: </p><p>2. Internet Access Providers (ISP) Web Hosting Application Service Providers (ASP) Storage Service Providers (SSP)</p><p>3. Do you have a contingency plan? YES NO </p><p>If yes, please provide a copy.</p><p>If no, please provide details of your alternative measures.</p><p>PREMISES SECURITY</p><p>4. Building details: </p><p>5. Do you have card access control to: Building Office Server Rooms None</p><p>6. Do you have a dedicated line alarm system? YES NO </p><p>7. Do you have fire suppression system with capability to suppress fire without damaging electrical equipment? YES NO </p><p>8. Do you have early smoke detection system? YES NO </p><p>9. Do you have a sprinkler system? YES NO </p><p>10. Do you have controlled air ventilation system to prevent overheating in the server room? YES NO </p><p>11. Do you have windows/doors protection against breakage and entry? YES NO </p><p>12. Do you have visits logged against customer defined control lists to allow /deny access to servers and systems? YES NO </p><p>13. Do you have an uninterruptible power supply? YES NO </p><p>If yes, how long can it sustain a power interruption? </p><p>IT33E-SRD-01-SECURITY 1 Nov. 3/03 © 2003 ENCON Group Inc. NETWORK DATA</p><p>14. Confirm what security controls are used to safeguard communications networks and data integrity, accuracy and completeness.</p><p>15. Are the servers monitored 24 hours/day? YES NO </p><p>16. Do you have any intrusion detection system to monitor external traffic and server logs for any possible hack attempts of known vulnerabilities and capture perpetrator’s traffic for further analysis? YES NO </p><p>17. Do you have a firewall and router logged for successful and unsuccessful connections and are they backed up on a daily basis? YES NO </p><p>(a) Are all log files indicating allowed and denied access, as well as possible security penetration attempts from firewall and IDS monitored routinely and regularly throughout each day? YES NO </p><p>(b) Does your router include packet filtering and access control lists? YES NO </p><p>(c) Do you have a policy in place for installing service release patches and hot fixes? YES NO </p><p>If yes, how often? </p><p>18. Are all servers, data, applications and logs backed up to tape, with rotating copies stored off site? YES NO </p><p>If yes, how often? Daily Weekly Monthly None</p><p>19. To minimize downtime due to software or hardware breakdown, do you utilize server and component redundancy? YES NO </p><p>20. To minimize downtime due to software or hardware breakdown, do you utilize co-location server? YES NO If yes, please provide details.</p><p>21. Do you have any documented procedures in place for the following: (a) systems recovery YES NO (b) intrusion detection YES NO (c) firewall service release patches and hot fixes YES NO (d) daily back-ups YES NO </p><p>22. Do you have virus detection software? YES NO </p><p>If yes, how often do you update the software? Daily Weekly Monthly</p><p>23. Is your data mirrored for data integrity? YES NO </p><p>Signature Date</p><p>Position</p><p>IT33E-SRD-01-SECURITY 2 Nov. 3/03 © 2003 ENCON Group Inc.</p>

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    2 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us