Staff Expertise and Resources:

• We are a Microsoft Gold Certified Partner:
• We get security updates and hot fixes before the public
• We have MCP’s and MCSE’s on staff to troubleshoot security issues
• We have priority support from Microsoft

• Security event monitors in place (60 sec polling interval)

• Cisco routers with advanced port blocking, including (ports):
• 445
• 135 - 139
• 593
• 1025
• Cabletron Switches with integrated IP blocking based on routine security audit results

• High performance firewall on every server:
• Security auditing
• IP and/or port blocking
• Used for server specific port blocking (such as port 21 [ftp] on a mail server)
• Adaptive anti-virus components

• All usernames/passwords are changed from their default values
• We maintain access logs for every IP that accesses our systems
• 128 bit digital certificate
• Scheduled audits are in place to test security systems regularly
• NTFS security on all drives are stripped down to SYSTEM and Administrator access and specific access is added only as-needed

• IIS5 & IIS6:
• We implement Microsoft’s IIS Lockdown Tool
• We implement latest version of URLScan IIS filter
• Each website operates under independent window user accounts, limiting each website’s file access through asp, cgi, and php scripts to its own scripts and directories
• ASP and ASP.NET processes are run under their own secure and independent users with limited system access
• IIS6: Each site has its own application pool