Overview

To outline our Intrusion Prevention and Detection Policies

Purpose

The purpose of this policy is to ensure that all industry standards and practices are used when securing our servers and databases.

Scope

This applies to any and all Yellow Dog Software Hosted Server Environments and associated Hosted Customer Databases.

Policy

Network Security Overview

All traffic from clients goes through the 1&1 IONOS Managed Firewall which we have access and control to. We can restrict access to specific IP ranges at the customers request, otherwise all client traffic goes through port 55005 to connect to SQL. Any other port traffic is dropped and blocked. Traffic from our client to the server is encrypted with an SSL TLS 1.2 cipher. Any unencrypted connections are immediately dropped.

From the 1&1 IONOS firewall, traffic goes to the specified hosted server and goes through the Windows Firewall which can also be configured for specific addresses and requirements.  It then goes to our MS SQL Instance where it is verified against a unique login and password. Each database has a unique username and password. This is for the client to begin authentication to the database. Customer cannot change this username and password as our application connection information relies on it. The client application then authenticates against that username and password to connect to the database.

The above process is all background and the client does not see or have to maintain the username and password.

Once the client authenticates, the client then asks for the Yellow Dog username and password which is maintained by the customers Administrative team.

Intrusion Detection:

We monitor all network traffic on the server using Windows Event Monitoring and Atera RMM platform for alerting. Any unauthorized traffic is immediately flagged and blocked by our IT Team. We identify unauthorized traffic as traffic not originating from an authorized customers location, or from the Yellow Dog Software office.

Customers are notified via Email, within 48 hours of a confirmed data breach.

Intrusion Prevention:

All Yellow Dog Software Hosted Servers are monitored and scanned monthly for vulnerabilities and security compliance via third party. A report can be made available upon request.

Any vulnerabilities found during scans are immediately escalated to our Network Security team for remediation and patches applied once they are fully tested.

Servers are secured behind 1&1 IONOS’ firewall as well as the included Windows Firewall. Our servers operate with only the SQL port opened (and on a non-standard port to reduce attack surface). We only run SQL on these servers. No other services.

Remote Access to the servers are authorized only to Yellow Dog Software personnel, and only using a Secured TeamViewer account.