• Login
  User Name: Password: Forgot your password?

• About
  • Who We Are
  • Leadership Team
  • Careers
  • Contact Us
• Products
  30-Day Free Trial
  • Personal Trading
    • Overview
      • Disclosure
      • Pre-Clearance
      • Transaction Review
      • Business Rules
      • Reporting
    • Electronic Data Feeds
    • Insider Trading
      • Business Rules
      • Insider Trading Report
      • Related Transactions Report
  • Affirmations and Disclosures
    • Overview
      • Policy Acknowledgements
      • Outside Business Activities
      • Outside Brokerage Accounts
      • Private Securities Transactions
      • Criminal/Disciplinary Activity
      • U4 Updates
      • Screen Shot
  • Gifts Entertainment and Contributions
    • Overview
      • New Gift Request
      • Recipient Giver Report
  • Case Management
    • Overview
      • Marketing Review
      • Regulatory Inquiries
      • Client Complaints
      • New Hire Checklist
      • Trade Exceptions
      • Compliance Calendar
  • Technology Overview
    • Overview
      • Production Environment
      • Network Security
      • Applicant Security
• Resources
  • Newsroom
  • Webinars
  • Conferences
  • White Papers

Technology Overview

Protecting Customer Data

Protecting your data is our number one concern. Compliance11 uses the highest levels of security and industry standards to ensure that your data is protected. Compliance11’s production servers are hosted in a SAS70 Type II compliant environment by Rackspace, the world’s leader in hosting, and it is tested and certified on a regular basis by Trustwave, an industry leading security firm. Rackspace is also Safe Harbor certified, as defined by the EU Commission’s Data Protection Directive, meaning that data flows to Rackspace are acceptable.

Physical Security

• Security Badge - Card reader access is required to enter the facility.
• Biometric Scanning - Biometric scanning is required for access to the data center floor.
• Proximity Readers - Proximity readers track all movement between areas.
• Security Cameras - Security cameras are located throughout the entire facility to monitor and record activity.
• Security Personnel - 24/7 onsite staff provides additional protection against unauthorized entry.
• Unmarked Building - Facilities are unmarked to help maintain a low profile.
• Audits - Rackspace physical security is audited by an independent firm.

Network Security

• Firewalls - Access is limited to certain ports by a series of firewalls.
• Intrusion Detection - Systems proactively monitor for malicious connection activity.
• Anti-Virus - Anti-virus software is active on all servers.
• Patches - Security patches are applied proactively based on vendor recommendations.
• SSL - All data transferred between the user’s browser and Compliance11 is protected using Secure Socket Layer (SSL) encryption.
• PGP Encryption - All back-end file transfers are encrypted using PGP encryption.
• Administrative Access - Administrator access to the production infrastructure requires two-factor (hardware token) authentication.

Application Security

• Database Encryption - Sensitive personal information is encrypted in the database.
• Application Architecture - Compliance11’s application is built using J2EE and Oracle database, the de facto industry standard for highly scalable, secure, fault tolerant, enterprise applications.
• Penetration Testing - Internal and external penetration tests are conducted periodically by an independent third party.
• No Cookies - No cookies are used to store information on customer workstations.
• IP Login Restrictions - Access can be limited by source IP addresses.
• Single Sign-On - Access to the application can be granted via corporate directory.
• Password Expiration - User passwords can be set to expire on a periodic basis.
• Password Re-Use - The re-use of previous user passwords can be disallowed.

Employee Security

• Background Check - All employees are subject to a background check that checks the following: SSN Verification, Address History, 7-Year National Criminal Database Search and Courthouse Verification of Criminal Database Records.
• Information Security Policy - All employees periodically certify to have read and comply with Compliance11’s Information Security Policy.
• Personal Trading Supervision - All employee’s personal security transactions are monitored.

Production Environment

• Redundant Servers - Compliance11’s application tier has load balanced, redundant servers. If an application server fails, users are able to login to the other server immediately with no data loss. Compliance11’s database tier has a redundant server and uses shared disk. If the database server fails, users are able to login again within minutes with no data loss.
• RAID Storage - If a hard drive fails, there will be no interruption of service since all storage is RAID 5 with a hot spare.
• Disaster Recovery - In the event of a major disaster at the primary hosting site, users will be able to login to another server hosted at a remote secondary site within hours. No more than two hours of data will be lost.
• Network Availability - The network’s configuration was co-developed with Cisco and includes six separate fiber conduits into the facility from different communication providers.
• Backup - Database backups are done every two hours and are immediately sent electronically to the disaster recover site.
• SAS70 Type II - Rackspace is SAS70 Type II certified.
• UPS - Upon power loss, UPS systems can provide 30 minutes of battery life under peak load.
• Generator - Two sets of diesel generators have enough fuel stored to provide 48-hours of power under full load.

• Privacy Policy
• |
• Legal Notice
• |
• Site Map
• |
• Contact Us

Copyright ©2012 Compliance11, Inc. All Rights Reserved