Security Statement

Hosted Coriendo solutions come with security to ensure that your data is never compromised
The security measures at Coriendo include:

Experienced, professional engineers and security specialists dedicated to round-the-clock data and systems protection
Continuous deployment of proven, up-to-date security technologies
Ongoing evaluation of emerging security developments and threats
Redundancy throughout the online infrastructure
Commitment to a secure, scalable, private, collocated system where Coriendo manages its computing infrastructure

Server Security:

Physical Security
Our production equipment is collocated in Conshohocken, PA at a facility that provides 24- hour physical security, identification systems, redundant electrical generators, data center air conditioners, and other backup equipment designed to keep servers continually up and running.

Perimeter Defense
The network perimeter is protected by firewalls and monitored by intrusion detection systems. Coriendo monitors and analyzes firewall logs to proactively identify security threats.

Systems Security
Inside the perimeter firewalls, the systems are safeguarded by network address translation, port redirection, and other techniques. The specific details of these features are proprietary.

Operating System Security
Coriendo enforces tight operating system-level security by minimizing the number of access points to its production servers. We protect operating system accounts with strong passwords, and production servers do not share a master password database. All operating systems are hardened by disabling and/or removing any unnecessary users, protocols, and processes.

Server Management Security
All data and documents entered into the Coriendo solutions by its customers owned by that customer. Coriendo employees do not have direct access to the production equipment, except where necessary for system management, maintenance, monitoring, and backups. Coriendo does not utilize any managed service providers. The Coriendo systems engineering team provides all system management, maintenance, monitoring, and backups.

Application Security:

Security Model
Our application security model prevents one customer from accessing another's data. This security model is reapplied with every solution and enforced for the entire duration of a user session.

User Authentication
Users access Coriendo hosted solutions only with a valid username and password combination, which is encrypted via SSL while in transmission. An encrypted session ID cookie is used to uniquely identify each user.

Database Security
Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is restricted to a limited number of points, and production databases do not share a master password database.

Communication Security:

Data Encryption
Coriendo employed encryption products to protect customer data and communications, including 128-bit Verisign SSL Certification. The lock icon in the browser indicates that data is fully shielded from access while in transit.

Redundancies and Backup:

Reliability and Backup
All networking and computing components have backup devices. All customer data is stored on RAID disks and multiple data paths. All customer data is automatically backed up to an on-site device on a nightly basis. Backups are then moved to secure, off-site storage on a regular basis.

Disaster Recovery
Coriendo has an agreement in place with a third-party provider of availability services to provide access to a geographically remote disaster recovery facility — along with required hardware, software and Internet connectivity — in the event our production facilities were to be rendered unavailable.