The best software application in the world doesn’t amount to a hill of beans if it’s not secure. That’s why at Pangea Foundation we’ve made a conscientious pledge to put information security at the center of everything we do. Once you review our information security plan from a variety of different perspectives, we think you’ll find that Pangea Foundation’s information security measures are on par with the best civilian organizations in the world. Our information security strategy is designed around the following areas:
Leveraging world-class data centers, advanced network intrusion detection systems, the leading SSL encryption technologies, the best firewall technologies, and other proprietary security products, Pangea Foundation utilizes many of the same technologies and hosting facilities used by government agencies and premier companies around the world.
We don’t solve everything… we have technology partners for that.
Let’s be honest. Being experts at everything related to information security is a bit like divining water—everyone knows it can’t be done, and if you meet someone who is arrogant enough to claim they can do it, it’s a sure sign that they’re full of hot air. Lots of traditional software vendors would like you to believe that they know everything there is to know, not only about software, but about information security too—without help. Yeah, see that shiny stuff spiraling down the drain? That’s their “credibility.” Yet, for some reason people keep buying into their promises. And when disaster strikes, who ends up paying the price?
The truth is technology moves too fast for anyone to expertly specialize in more than a handful of things. Even if it was possible to specialize in everything, by the time you figure it all out, you’re so far behind the times you might as well be dancing the Jitterbug, or sipping a cherry phosphate at the corner drugstore.
Pangea Foundation fuses the best in software with the best in information security.
Backed by the support of some of the world’s best technology companies, Pangea Foundation bolsters your custom SaaS (Software-as-a-Service) application with enterprise-class information security solutions. Your custom software solution is built on and supported by a world-class IT infrastructure, complete with multi-regional hosting redundancy.
We’re professionally paranoid… so you can sleep better at night.
Why not trade information security that’s entirely your responsibility for enterprise-class information security that’s the responsibility of certified IT experts and leading information security specialists? And not just a handful of experts, an entire army of experts dedicated to securing your custom software, and defending it from malicious attacks. In collaboration with our trusted technology partners, we can offer you a full menu of escalating information security solutions to help you mitigate your risk—and your big headaches.
NONPROFIT INFORMATION SECURITY: PHYSICAL FACILITIES SECURITY |
 |
Primary data center: Live hosting services for nonprofits.
Pangea Foundation’s primary provider of live hosting services is Rackspace®. And with clients like Cisco, General Electric, Motorola, and the United States Marines, you can be confident knowing that your information will be safe and secure 24x7x365.
SAS-70 Type II compliant data centers.
The first component of Rackspace’s world-class infrastructure is its SAS-70 Type II compliant data centers. People who know about data centers consider Rackspace’s data centers the best around. Engineered for uptime, redundancy is built into all critical systems. Learn more about the security of our live hosting facility.
Backed up by award-winning support.
In addition to the recognized service excellence you’ll get from Pangea Foundation, your custom software will be supported by the award winning support of Rackspace, the world’s leading IT hosting company—a two-time winner of the American Business Awards' “Best Customer Service Organization”, a Microsoft® Gold Certified Partner, and a three-time winner of the Microsoft Hosting Provider of the Year award.
Automatically get 1-hour hardware replacement.
Sooner or later devices will break. And when they do, Rackspace usually has them replaced before we (or you) know something’s wrong. More uptime and less downtime ensures the consistent delivery of your critical service processes and facilitates up-to-the-second access to nonprofit business intelligence. Contrast that with the reality for many nonprofits today, where a hardware failure means you’re stuck until a technician finds the extra time to “look into” the problem.
We’re taken care of by the best. You will be too.
Think about how much more innovative you and your IT organization could be if you could offload all the day to day responsibilities and the big headaches related to information security to experts who specialize in all that stuff 24x7x365.
NONPROFIT INFORMATION SECURITY: BACKUP HOSTING SECURITY |
|
Backup data center: Backup hosting services for nonprofits.
The primary backup hosting component of our multi-regional redundancy strategy is found in our partnership with the San Diego Supercomputer Center (SDSC). With capacity for 25 petabytes of tape archive, the SDSC is recognized as an international leader in data management, systems security, high-performance computing and networking.
The SDSC is a major partner in both the U.S. TeraGrid Initiative and the (Cyberinfrastructure Partnership CIP). What does this mean for you? In short, your primary backup data center is not only highly secure, but it’s operated by some very bright people—400 of them. Learn more about the security of our backup hosting facility.
NONPROFIT INFORMATION SECURITY: SYSTEM SECURITY |
|
System security starts with dedicated firewalls.
Pangea Foundation’s custom Software-as-a-Service solutions are protected by Cisco Firewalls that are monitored 24x7x365 by Rackspace. A dedicated firewall acts as a protective barrier to keep malicious forces away from your important data. Unlike shared firewall devices that leave the possibility of unauthorized access by any other client sharing the same firewall, a dedicated firewall provides protection exclusively to your server, and ultimately, a greater level of information security for your peace of mind.
Data encryption via Virtual Private Networks (VPN).
In addition to filtering traffic, a dedicated firewall allows for a more secured form of communication with the implementation of a Virtual Private Network (VPN). A Virtual Private Network encrypts all traffic between Pangea Foundation’s servers, and creates a secure link through which our IT Hosting environments communicate.
Data reliability and data backup.
All networking components, Web servers, and additional application servers are configured in a redundant configuration. Your data is automatically backed up on a nightly basis. System patching provides ongoing protection from exploits. Daily backups are stored in two data centers located 1,400 miles apart on a 24 hour basis. Data backups are stored for two weeks on Pangea Foundation’s primary servers, and archived indefinitely on its backup servers.
Standard anti-virus services from a global leader in infrastructure software.
Pangea Foundation’s Software-as-a-Service applications come standard with anti-virus protection from Symantec™, a global leader in infrastructure software. With anti-virus protection, your data is automatically protected from destructive viruses, worms, spyware, and adware.
Independently audited disaster recovery and business continuity plans.
Independently audited disaster recovery and business continuity plans are in place for the headquarters and support services of Pangea Foundation’s live hosting provider. In the unlikely event that Pangea Foundation’s primary hosting data center went offline due to a national disaster and this disaster recovery and business continuity plan was somehow insufficient, contingency plans would enable Pangea Foundation’s backup hosting data center to be up and running with the most recently backed up data within 24 to 48 hours. Learn more about system security.
NONPROFIT INFORMATION SECURITY: NETWORK SECURITY |
|
Without the best network, the world’s best Software-as-a-Service applications become average. Rackspace partners with nine separate network providers to provide multiple redundancies in the information flow to and from its data centers. Co-developed with Cisco, the Rackspace network guards against single points of failure at the network level. And unlike other IT hosting providers, Rackspace utilizes only high performance bandwidth. To optimize network performance, the network is not shared with cable TV services, or other telecom services. Lastly, the network’s topology and configuration automatically adjusts and improves in response to traffic pattern changes to ensure the fastest and most reliable network connections possible. Learn more about network security.
NONPROFIT INFORMATION SECURITY: COMPLIANCE MANAGEMENT |
|
Nonprofit compliance management is a necessity.
Today, more than ever, the regulations are so numerous and dynamic that it’s easy to fall behind on the specifics and end up with a false sense of security.
We help nonprofits meet the highest standards of security and compliance.
To help guarantee that your data meets the highest standards of security and compliance, Pangea Foundation leverages the services of one of the world’s leading experts in Web application security and compliance management. With an independent compliance management solution, we can address the unique challenges of nonprofit compliance as well as the ongoing validation and maintenance of our data security posture.
Vulnerability assessment snapshot.
The vulnerability assessment and compliance management solution offered by Pangea Foundation validates compliance with a variety of today’s regulations. Learn more about nonprofit compliance management.
NONPROFIT INFORMATION SECURITY: ADMINISTRATIVE SECURITY |
|
We’re committed to protecting your data like it’s our own.
At Pangea Foundation, we take your information security as seriously as you’d expect. We take practical action to ensure the integrity and protection of your information.
100% of Pangea Foundation employees are fingerprint background checked.
At Pangea Foundation, you’ll be glad to know that we employ extensive fingerprint background checks on 100% of Pangea Foundation employees to ensure that our employees meet the highest levels of integrity. But we don’t stop there. We only work with live hosting providers that conduct thorough background checks on their data center employees, too.
Access to client data is restricted to authorized personnel only.
Pangea Foundation’s employees are required to review, understand, and sign confidentiality agreements that hold them accountable for maintaining the strict confidentiality and security of client data. Access to confidential information is restricted to authorized personnel only. Pangea Foundation and hosting provider employees do not have direct access to the production equipment, except when necessary for system management, maintenance, monitoring, technical support at the customer’s request, and backups. Learn more about administrative security.
NONPROFIT INFORMATION SECURITY: APPLICATION SECURITY |
|
When it comes to software security, don’t take chances.
Pangea Foundation draws from a broad knowledge and a conscientious pledge to understanding advanced vectors of attack. You can rely on our team of experts to implement sophisticated application security measures to protect your software and your data from disruptive forces.
Automatically get 128-bit Secure Sockets Layer Encryption (SSL).
Authenticating user identity is not only a best practice, it’s a privacy and security requirement necessary to comply with numerous regulations, including Federal HIPAA guidelines. Encryption forms the basis of data integrity and privacy necessary for today’s Web commerce. Secure Sockets Layer Encryption, or SSL, is an advanced encryption technology that protects Pangea Foundation’s Software-as-a-Service applications. Without encryption, the integrity of information transmitted through public and private networks can be compromised. SSL uses public key encryption methods to verify the authenticity of a server, or client, and encrypt communications between them. SSL encryption protects network access, online communications, and digital communications by creating a secure channel between Pangea Foundation’s infrastructure and Pangea Foundation’s users. Learn more about SSL encryption.
Authentication.
Users of Pangea Foundation’s secure Software-as-a-Service solutions may only access these applications with a valid username and password. Pangea Foundation software solutions are encrypted through 128-bit SSL certification while in transmission. Users must use passwords that meet Pangea Foundation’s defined security standards. An encrypted session ID is used to uniquely identify each user, and this session ID is automatically scrambled at periodic intervals.
An information security “timeout” protects important information.
In order to comply with security regulations, protect the privacy of sensitive information, and protect you from liability, Pangea Foundation’s Software-as-a-Service applications employ automatic session termination if users do not interact with them for more than 20 minutes. If no interaction with the software has occurred for more than 20 minutes, subsequent login is required. The timeout is a security feature designed to prevent someone other than the logged-in user from accessing information. It’s especially important in environments where users are frequently called away from their computers.
Get an application-layer firewall for unparalleled information security.
In addition to the robust firewall that protects your hosted environment, you’ll have the option of incorporating an unparalleled layer of security into your custom software application through an advanced application-layer firewall. Developed by Fortify® Software, this unique “internal firewall” monitors and protects your software application from the inside-out. It was designed to protect you from even the most sophisticated intrusions. The result: unparalleled security and the exceptional peace of mind that comes from knowing that your custom software is fortified by the same application-layer security solution used by these leading organizations:
- The top five commercial banks and seven of the world’s eight largest banks
- Five of the top seven computer software companies
- Three of the top five aerospace and defense industry leaders
- The United States Air Force
- The United States Navy
- The United States Army
- Three of the top five telecommunications companies
- Three of the top six securities industry firms
- Two of the world’s most visited Internet companies
- Two of the top three insurance companies
- The #1 enterprise software company
- The #1 wireless voice and data carrier in the U.S.
- The #1 computer peripherals company
- The world’s largest dedicated semiconductor foundry
- 17 of the Fortune 100
- Over 30 of the Fortune Global 500
- Learn more about application security
There. Don’t you feel more secure already?
