Wenso implements a set off comprehensive measures and procedures to ensure business
continuity and reliability.
Infrastructure
A dedicated IT department is responsible for Infrastructure Engineering, Infrastructure
Change and Release Management. Responsible people are informed about all significant
events concerning the functioning of the information infrastructure on the 24x7
basis by using mobile phones with Email2SMS service enabled.
Computing Facilities
We have more than 300 Intel P4 (Core 2 Duo) and Apple Macintosh workstations
and 30 servers in our four datacenters located in Minsk. All our datacenters are
equipped with efficient air conditioning, fire protection and UPS power protection
systems. Each server is built on the RAID technology (Level 1 or Level 5 controllers
are used).
Internet Redundancy and Data Exchange
Reliable Internet connection is provided via two independent data links with the
bandwidth of 4 and 1 Mbps. The connection between the datacenters is provided via
fiber-optic links with the bandwidth of 1Gbps. Reliability of power supply is ensured
by the presence of 3 separate and independent power feeders at every datacenter
and by the usage of high-performance UPSes. Internal information infrastructure
includes 20 HP ProCurve switches, 1 Cisco router and a set of telephony equipment
(hardware (Coral) and IP (Asterisk) telephone stations, 200 telephones and 5 GSM
gateways).
Network Services Reliability
Failover capabilities are implemented for the main network services, such as
Mail, DNS, Internet Access, Active Directory and development servers. The Mail Server
backup is performed via two backup servers, one located in Europe and another –
in North America. This mechanism ensures that no incoming and outgoing mail is lost.
Security Management
We have developed a number of documents covering our Security Policy: General Network
Usage Policy, Sensitive Information Encryption and Exchange Policies. General compliance
with our security policy and regulations is ensured by the usage of logon scripts
and Group Policies.
Staff Security
We perform careful security checks of every person that is applying for a job. Confidentiality
Agreements are an important part of the security system and every employee we hire
is to sign such an Agreement. All the security-related cases and incidents are tracked
and resolved by Department Managers. We inform all the people we hire about the
Company’s security standards and keep this knowledge up-to-date by organizing special
training programs on regular basis.
Physical Security and Access Control
We imply a multi-level access control system. On the first level our security
service is checking our employee’s ID-badges to ensure they are authorized to access
the building. The next level of access control is based on the usage of electronic
cards, each possessing unique radio metrics, that are given to every employee that
is authorized to access the floors of our buildings. We have installed effective
video monitoring and alert systems in our offices and have arranged Governmental
Security Service’s (Police) protection of our property. The access control system
is managed from one central control point, though each datacenter’s security system
is independent.
Customers Data Protection
We understand that security of our client’s data in number one priority for
our business. We use 256 bit AES algorithm for traffic encryption and 2048 bit public/private
keys pair for authentication purposes. Sensitive data is exchanged via SFTP server
and PGP is used for emails encryption. This way compliance with the ISO standards
for information security is provided. We also strictly follow all the governmental
rules and regulations for emergency issues.
Additional capacities
For development purposes we use virtualization technology which enables us to
build a separate operational environment for each project and thus increase resource
allocation flexibility and effectiveness. This technology is based on the usage
of VMware Server 1.0, VMware ESX Server 3.0 and VMware Infrastructure for project
monitoring.
Security Monitoring
All the processes are constantly monitored by the administrative team and vital
information on all the important changes and incidents is tracked and logged via
Syslog Server for future audit.
Backup Process and Disaster Recovery
The Information Life Cycle Management (ILM) process we have developed at Wenso
includes a set of data protection and other security-related activities. A special
data recovery scenario is presupposed for each kind of potential data loss situation
(e.g. hardware or software failure, computer virus, human mistake, etc.). The process
of backup copies creation is regulated by the Backup Process Plan.
Effective backup procedures are ensured by a number of physically distributed backup
locations Wenso has in its offices in Minsk, dedicated servers in several countries
of the world and high level of encryption of backup data.