Proven Security
When you buy a hosted security service, you need to be confident that the service will deliver at least the same security, if not better, than you would get if your team designed, installed and ran the technology in-house. Signify's services deliver our customers a very high level of security:
• Our infrastructure is designed and managed with security in mind. We have a defined security policy, that includes measures such as firewalls and weekly security audits. The infrastructure has not suffered any security breaches to date.
• Customer administration and authentication traffic is encrypted in transit between the customer and Signify.
• Signify's Administrator Support verifies administrators before discussing the customer's account. While we actively monitor service logs for potential security issues, we won't make changes to accounts -instead we will guide authorised administrators through changes.
• We provide a web portal for administration of our services which ensures that access permissions are enforced. Access requires two-factor authentication and administration is fully audited.
• Customers are able to customise their security policies to suit them while the Identity Management Centre (IMC) web portal has built-in security processes to enforce these policies.
• RSA SecurID and Passcode OnDemand use One Time Passcodes (OTPs), a technology recognised as industry best-practice for authentication.
• RSA SecurID tokens have been proven 'best of breed' tokens in independent research. SecurID technology was originally patented in 1987, and has a long track record of securing major banks and corporations, and has over 60% market share for token-based authentication.
• Passcode OnDemand provides true authentication without tokens by sending an OTP directly to a mobile phone or email account. The service is based on RSA technology.
• Network and physical access to any Signify service delivery servers requires two-factor authentication.
