We are as Concerned about Security as You are!
At GCE, we realize that security and compliance are critical factors when deciding to move your business operations to the cloud. We are committed to maintaining the integrity, confidentiality, and availability of your financial operations, and we go to great lengths to secure your organization’s sensitive financial data in every environment as follows:
Network
- The GCE network is designed for secure communications between customers, end-users, and GCE web-based cloud solutions
- Digital certificates and a public key infrastructure provide secure remote access via SSL-encrypted communications
- Perimeter firewalls protect and isolate GCE systems from potentially harmful Internet traffic by preventing access to unauthorized ports and IP addresses
- GCE cloud environments reside on dedicated network segments to ensure appropriate separation, and internal IP addresses are concealed to reduce the risk of unauthorized access
Physical
- GCE systems are physically hosted in state-of-the-art data centers staffed 24 hours a day
- Data centers are equipped with the latest environmental and security equipment, including redundant HVAC systems, dry pipe and multi-zone fire detection devices, uninterruptible power supply and generator backups, biometric fingerprint scans, and video surveillance with 24-hour monitoring
- All data centers hosting GCE cloud systems are SSAE-16 Type II compliant
Application
- Within the GCE Financial Accounting Solution, data accessibility and available application functions are secured according to Role-Based Access Control (RBAC)
- Pre-defined roles are based on specific job functions and are used to define the authority of individual users
- All users are assigned roles and responsibilities (e.g. create invoice) and are granted access to perform only those functions
- Only authorized users may access the system and view or update only the data that they are authorized to see
Platform
- GCE Financial Accounting systems operate on various platforms, each selected based upon security features and application optimization
- Platforms are “hardened” to ensure that systems are securely configured to comply with industry security standards, such as CIS Benchmarks and DISA STIGs
- All GCE systems are regularly maintained and upgraded with the latest security patches
- Our Security Management Team performs life-cycle risk activities including testing, continuous monitoring, and assessments
Certifications and Compliance
- We ensure compliance with various Federal regulations and industry frameworks via our comprehensive security management and compliance program
- GCE systems are certified by several Federal agencies as compliant with National Institute of Standards and Technology (NIST) guidance and Federal Information Security Management Act (FISMA) regulations
- Our systems undergo independent third-party assessments on an annual basis and are certified as SSAE-16 Type II compliant
Reliability and Monitoring
- We understand the importance of system availability for our customers, and ensure a 99.99% uptime
- GCE systems are continuously monitored to ensure that security controls continue to operate as intended and to protect against known threats
- Logs, notifications, and alerts relating to user activity and system performance are regularly reviewed to detect and respond to system abnormalities or suspicious activity
- Systems are continuously scanned to detect and correct security vulnerabilities
- Extensive systems and communication protection mechanisms based on NIST standards offer the highest data encryption, stringent access controls, and data protection from cyber attacks and insider threats
Continuity of Operations
- System availability and continuity of operations are achieved using a two-pronged approach of redundant primary systems backed by failover to a secondary site
- In the event that a primary device or service fails, the GCE cloud systems are configured to seamlessly transition system operations to the secondary/redundant devices
- The GCE active-passive model maintains the highest levels of data reliability from a transactional perspective
- As customer data is processed and stored on the primary (active) system, it is simultaneously backed up to a geographically secondary (passive) system
- Redundancy allows for zero tolerance for data loss and the ability to quickly restore data and operations in the event of a natural disaster or geographic catastrophe





