Long before security became a front-page issue, CMDI took proactive steps to protect the data we manage by making significant investments in our security systems and infrastructure. From the physical security at our offices and caging facility to the multi-layered security approach at our data centers, CMDI’s priority is keeping your information safe.
For more information about CMDI’s physical and cybersecurity, please see the Data Security page.
Crimson Security Features
Crimson features are designed to keep your information safe and prevent accidental mistakes.
• Prevent Accidental Breaches
Crimson’s custom user groups make it easy to protect your account from accidental data breaches by providing a high level of user access control, with different levels of user permissions for editing or read-only access.
• Track User Activity & Changes
Crimson’s “History” feature keeps all users accountable for their actions by tracking all changes made to a record, who made the changes, and when they were made.
• Two-Factor Authentication
All Crimson logins use two-factor authentication to prevent unauthorized access.
Crimson Data Security
Crimson works to protect the confidentiality and integrity of your information with features that secure and back up your data.
Keeping Personal & Financial Data Safe
Crimson keeps your data secure using PCI Security Council standards. When credit card numbers are received in hard copy form, they are handled in secure and monitored environments. Physical credit card numbers are blacked-out and stored safely after transactions are processed. Credit card numbers are never written or stored in our software or hardware, and extensive penetration tests are conducted on our systems as well.
Automatic Backups & Disaster Recovery
Crimson’s backup systems take hourly snapshots of your data and replicate them in multiple locations using private links. CMDI retains several months of full data backups for all our clients using solid-state hybrid drives. Testing verifies the projected recovery times for restoring data and checks the integrity of the restored data. When physical drives are retired, all data is destroyed through a certified process from a third party.
Crimson Platform Security
Security Testing & Assessments
Before releasing updates or features, we test all our code for security vulnerabilities. Networks and systems are regularly scanned for vulnerabilities and assessed for risks including:
- Application vulnerability threat assessments
- Network vulnerability threat assessments
- Selected penetration testing and code review
- Security control framework review and testing
CMDI monitors notifications from alerts and internal systems to identify, manage, and block threats and external malicious sources.
- Perimeter firewalls/edge routers block unused protocols.
- Internal firewalls segregate traffic between the application and database tiers.
- Intrusion detection sensors detect and review logs to monitor for suspicious behavior.
Secure Transmission & Sessions
Connection to the Crimson environment is via TLS 1.2 using step-up certificates from GeoTrust. This ensures that there is no unencrypted traffic on the Crimson network. Individual user sessions are identified and re-verified with each transaction, using a unique token created at login.