|
We take special care to ensure the privacy and
integrity of your data. This chart describes the risks, the protection
that M2M
Gateway provides, and the
protection you can provide.
|
The Risk |
What We
Do |
What You Can
Do |
| Snooping |
| An eavesdropper uses network
packet-sniffing technology to monitor network packets going to or
from an address and to see the contents of those packets. |
M2MGateway uses
Secure Sockets Layer (SSL), an Internet encryption protocol. SSL
encrypts all network packets so that anyone who uses packet-sniffing
technology is unable to read the packets’ contents. Internet
Information Server (IIS) can communicate encrypted information. |
Implement Secure
Sockets Layer (SSL) to protect the information between
M2MGateway and Made2Manage hosted
web site. Internet Information Server (IIS) can communicate
encrypted information. |
| Server Attack |
| Someone could attempt to execute a
script on the server that could damage the server or transmit
confidential information over the Internet. |
We use the Cisco
Secure PIX 515 firewall. Firewalls ensure that only approved traffic
can interact with the server. Approved traffic generally is that
which comes through an approved port and an approved address—with an
approved protocol (typically HTTP or HTTPS). |
Install a firewall between the
Internet and your IIS server. Install a firewall that controls
ports, protocol, and inbound traffic. Also, to protect
vulnerabilities as they are discovered, apply IIS, Internet
Explorer, and Windows patches as they become available. |
| Spoofing |
| Someone tricks a Web server to make
it think that he is a valid requestor of information. The server
then sends the confidential information to the spoofer. |
M2MGateway ensures
that its software responds only to requests from users who have been
authenticated based on their login, which is encrypted via SSL. And
it controls access via its PIX Firewall. |
Your firewall and SSL should protect
you. |
| Physical Access |
| Unauthorized personnel could access
your IIS server. |
Our servers are in a
locked enclosure with electronic security. |
Secure access to your IIS
server. |
| Virus Proliferation |
| Viruses can spread through the
Internet. |
Our servers have a
memory-resident virus-checking utility, which is constantly updated
with patches from McAfee. |
Load virus-checking
software. |
A Three-Tiered Approach
We recommend that you take a three-tiered approach to security:
- When you configure IIS, grant access only to our servers. Your
server can then accept data packets only from our server’s addresses.
- Install a firewall. This controls both incoming and outgoing
communications.
- Use SSL encryption for data packets leaving your server. (Please
contact us if you plan to use SSL encryption.)
|