EZ-MES Manuals
Getting Started
Basics
General
Operator Manual
Supervisor Manual
Asset Management
Configuration Manual
User Rights
Part Definitions (PD)
Flow Definition (FD)
Step Definition (SD)
Input / Outputs
Name-Value Pairs (NV)
Name Value Types
Spec Definitions
Event Manual
Inventory Management
Reports and Data Retrieval
Implementation Guide
Trouble Shooting
EZ-MES Objects
Reference Manual

Questions?
Call us:

1.888.684.2256

Contact UsBIG arrow

Online Documentation: Reference Manual

Data Backup Procedures and Data Protection

At EazyWorks we have automated backup procedures that will take care that your web application is backed up daily on to the EazyWorks Servers. We keep a backup of 7 days

Besides the EazyWorks backups. Our hosting company WebHost4Life keeps backups of your website.

The EazyWorks Servers are protected with 2 software and 1 hardware firewall. EazyWorks uses an SSL ftp connection to Upload and download files to the hosting server.

For each hosting account WebHost4Life takes care of the following backup features.

  • Daily Backup of your websites to a local backup device.
  • Daily Backup of databases to a local backup device.
  • Daily Backup of your websites to a remote location.

If you are an EazyWorks customer we will take care that your website and your information is secure.

Data Location and Data Links

The following diagram shows were the data is located and the different possible data links.


Data Locations

The information that your organization will keep, using a Web Based application, will be stored at different locations.

Data Center / Data Warehouse
A specialized Data Center is the place were the website with database resides. The Data Center is using a Cisco Firewall to keep your data safe. Besides the firewall the data center takes many measures to make the physical location safe.

EazyWorks
EazyWorks Designs your website, so the original design files of the website are located on the EazyWorks servers. EazyWorks protects its servers with a software and a hardware firewall. Depending on the customers request we can make a full backup of all the information stored by the Web Based Application. This backup will be stored on the EazyWorks servers.

Data Links

Data related to a Web Based Information System is linked by the Word Wide Web. The following links, to transport data, can be identified:

1: Customer Data Entry and Customer Data Request
By using the Website, that is made by EazyWorks, the customer is entering data onto the servers located in a secure data warehouse. Dependent on the customer request EazyWorks can secure this communication by means of SSL Encryption. This encryption works both ways. The website can be designed in such a way that for every page the data transfer in both ways is encrypted using SSL. In the web browser you can see if this communication is safe by the 'https' at the start of the web address. (Normally, for an unsecured link the address starts with 'http')

2: Uploading and Downloading to EazyWorks
EazyWorks uploads and downloads all data to and from the server using ftps. This is the secure encrypted way for ftp protocol.
New design updates for the website are uploaded this way. Besides the design updates, EazyWorks makes a daily backup of the website. This is an automated procedure. EazyWorks keeps a history of 7 days.

3: Internal Customer Links
Although the EazyWorks application comes with many different file export possibilities, customers should take care sending these exported files by e-mail.
E-mail can be an insecure way of communication. A better way to communicate sensitive information, that is located on in the Web Based Application, is to send e-mails with links to the specific information. This way the real collection of the information will happen through an encrypted communication link.

4: Data Center back ups
To protect your Information the Datacenter makes daily backups of your website to other Data Centers. This is happening with secure data links.

Data Warehouses / Data Centers

Through our Hosting company we take care that your website is located at World-Class Data Centers with the following requirements:

Maximum Efficiency
Ensuring the delivery of the highest possible levels of reliability and performance, each Data Center features a redundant network of multiple fiber trunks from multiple sources, redundant power on the premises, and diesel backup generators. This allows maximizing our connectivity rates and overall site performance.

Maintenance
Each Data Center is maintained by combining round-the-clock systems management with personnel trained in the areas of networking and systems monitoring.

Safety
Each Data Center is custom designed with raised floors and is flood proof. Each Data Center is comprised with HVAC temperature control systems with separate cooling zones, seismically braced racks, advanced early smoke detection and fire suppression systems.

Privacy
All the servers at the Data Centers are behind Cisco firewalls to protect them.
The physical Data Centers are supported by some of the most powerful security in the business. 24/7 video camera surveillance, security breach alarms, security guards around the clock, and Biometric thumb print scanners at every entryway. The servers are further secured within a cage with locks.

With all of these factors, the end result is an excellent physical and technical environment delivering the reliability and flexibility necessary to support your mission-critical Internet operations.

Network Performance

We make sure that our clients get the fastest speed possible by using only top quality bandwidth providers such as Level3 T3, Global Crossing and UUNET. All our bandwidth providers are known world-wide for their performance and excellent peering capabilities. We also ensure that our bandwidth utilization will average 30% at all times, thus achieving 70% of head room to continually maintain performance and quality of service.

Secure Socket Layer (SSL)

For a fee of $ 350 a year EazyWorks can equip your website with 256 bit SSL. We take care that the SSL is designed into the website. This means that we switch over to https at the moment it is required by the website design.

SSL features

The SSL we install for you comes with the following features:

  • Single root certificate
  • $10,000 warranty
  • 99% browser recognition rate, no chained installation
  • Strong 128/256 bit encryption, industry standard SSL
  • RapidSSL.com owns the root used to issue your certificate

User Management

Most Websites developed by EazyWorks come with extensive user management possibilities. This includes the following.

Login / Logout Functionality

Access to areas of the website (or the whole website) can be controlled by a user logging in with name and password.

The login function comes with 'remember me next time' option and automated password recovery with security question.

Passwords

The default setting for the passwords of an EazyWorks Website requires 7 characters and 1 special character, like '+','=','_' etc. Depending on the security requirements this can be made stronger or can be relaxed.

Users can change their own passwords and the password is only known to the user. The system can only reset passwords and issue new passwords.

Role Management

Users can be assigned to different roles. For the different roles different access policies can be defined. The site is protected that only users with specific roles can access specific areas. Furthermore specific information stored on the website can be protected for users without the specific roles.

Navigation tools of the website (e.g. menus) only show options that are allowed for that specific user. The Navigation tools dynamically change at the moment the user logs on or logs off.

Management of Accounts by the Administrator

For each website developed by EazyWorks the role of administrator is defined. The administrator has exclusive access to an additional web page which he or she can use to manage the accounts.

This page can be equipped with the following functionallity

  • Adding and deleting users
  • Adding or deleting roles (Roles will define for which areas a user has access) If a user does not have the appropriate role for an area, it will not be possible for this user to access this area. All navigation tools (menu's etc) of the website will only show options available to that specific user.
  • Resetting passwords for users. Each website will come with automatic password recovery options.
  • Logs of user activity showing the login activity on the website
  • Furthermore the website can be configured to send out automatic notifications to the administrator when, a new account is created, is user changes a password, or when a user requested a new password.

All automated e-mail messages can be completely customized and formatted in HTML reflecting the customers house style.

Security of EazyWorks Web-Based Applications

Below we will address a number of concerns regarding data security. We like to stress that the weakest point in our system is the login. So to be safe is always best to use strong passwords (using number(s) and one or more special character(s) like '+', '=', etc). The passwords used by EazyWorks Personel are strong.

SQL Injection

EazyWorks uses Ajax technology in combination with the Microsoft .NET 2.0 framework for its Web Applications. This technology does not allow SQL injection, so the EazyWorks applications are NOT susceptible to these types of attack.

Encryption of Credit Card Data

Even if someone manages to get into the SQL Database, all Credit Card Data is encrypted when it is written to the database. The following figure shows an example of how the encrypted data looks while it is stored in the SQL Database:

Input Output Dialog

The only way to decrypt the information is to login to the application.

Data Link

Dependent on the customer request EazyWorks can secure this communication by means of SSL Encryption. This encryption works both ways. The website can be designed in such a way that for every page the data transfer in both ways is encrypted using SSL. In the web browser you can see if this communication is safe by the 'https' at the start of the web address. (Normally, for an unsecured link the address starts with 'http')

Data Location

EazyWorks solutions are hosted using Amazon Web Services. Below a short excerpt from the AWS Security Whitepaper:

The issues of end-to-end security and end-to-end privacy within the cloud computing world are more sophisticated than within a single data center not facing the Internet. Ensuring the confidentiality, integrity, and availability of customer’s systems and data is of the utmost importance to AWS, as is maintaining trust and confidence. This document is intended to answer customer questions such as “How does AWS help me ensure my data is secure?” Specifically, AWS physical and operational security processes are described for network and infrastructure under AWS’ management, as well as service-specific security implementations.

For more details we would like to refer to the Amazon Documentation (in case the link does not work, please go to http://aws.amazon.com/ and search for: Security Whitepaper):

http://s3.amazonaws.com/aws_blog/AWS_Security_Whitepaper_2008_09.pdf

EazyWorks does not keep any of its customer’s data at its office location. When data is needed for maintenance, it will be deleted shortly after use.

EazyWorks AWS Settings

All of our server firewalls currently only have 2 ports open to the world

  1. One for HTTP = 80
  2. One for HTTPS = 443

All remote access is blocked to only allow our IP address to access the servers; on top of that the servers have the standard Windows Based Password Policies. The SQL server is also blocked by the firewall for remote access, and also has a SQL based Password Policy on the Database File.

Creation of user Accounts

User accounts can be created by the user on the login page of the application. At that point the user has to select her password. Beside the password the user will define a security question with answer to retrieve a lost password. The system will encrypt the password and the security answer. The password and security answer is unknown for anyone (including the system administrator and people that would be able to access the database directly).

This way it is ensured that the password is only known by the user and that no one will be able to login for the user, beside the user herself.

After creating the account the admin of the system is notified, and the admin will assign the roles for that specific user. Without any role assigned to the user the user will not be able to access any data.

Change password

During the ‘create new account’ process the user enters her e-mail. Because the password is only known to the user the password is lost at the moment the user forgets her password. The system comes with a password retrieval option where the user can reset her password on the login page, the new password is sent to the user to her e-mail address. Using the new password the user can login and should immediately change her password.

Blocking accounts

Users with an admin role are notified by the new account emails and the reset password emails. Admin users will have the possibility to lock out any of the users of the system. After a user is locked out, her password will not work to enter the system anymore. This will not affect any of the historic records.