BoardVantage has implemented numerous measures to ensure the confidentiality and security of our customers's information. Our solution is protected by full strength encryption, multi-factor authentication, and is hosted in a highly secure site. We maintain a strong perimeter defense using multiple layers of security and constant monitoring. Additionally, we devote significant resources to continuously improving our security with the latest technologies.
But good technology is only half the battle. No system is effective without tightly controlled process. That's why BoardVantage processes are independently audited, and the company has achieved SAS70 Type II and SysTrust certifications.
Our security has been hardened by a decade of third-party testing and validation. Between our secured state-of-the-art hosting facilities and our security management program, our "secure from the ground-up" architecture, expertise and execution ensure that our customers receive the highest data protection commercially available.
Our iPad app has a built-in, device-resident, Briefcase—a repository for secure offline document storage. All content is encrypted, and can be purged remotely if the device is lost or stolen. To further prevent discoverability, documents (including notes) can be deleted locally, remotely or automatically based on defined retention dates.
All computer and network communication systems are housed in a secure, hardened hosting facility with 24x7x365 guard patrols, full surveillance and biometric access control systems.
Maintained by our own security-screened staff, the BoardVantage system has built-in redundancy at every point, including Web, application, file, database, and storage servers.
Our entire infrastructure is protected by a broad shield of network equipment and software tools. The network is continuously monitored by our staff for any attempted network attacks.
We encrypt all data using strong ciphers, both during network transport and while resident on computing platforms, so that it cannot be compromised. Each customer's content is segregated into an individual repository and encrypted with a unique key. Only authorized users can access protected data—barring even BoardVantage system administrators.
BoardVantage requires customers to use Secure Socket Layer (SSL) encryption technology (128-bit minimum) when accessing the BoardVantage application with an Internet browser or iPad. Digital certificates ensure the authenticity of each SSL session. This minimizes the risk of datastream interception between the user's browser and the BoardVantage service.
Our vigorous virus control methods prevent the distribution of malicious code that could disrupt service, destroy data or undermine productivity.
We automatically back-up all customer data nightly and store it at a secure, off-site facility. All backups are encrypted, and any unused, obsolete, or end-of-life media is destroyed to prevent third-party data retrieval.
Our authentication policies enforce security without increasing complexity for authorized end users. In addition to our unique two-tier authentication mechanism, we partner with our customers to ensure the controls and access policies their organizations need are enforced at all times.
BoardVantage application servers are hardened at the operating system level. Administrative access is restricted to authorized personnel. Login is possible only through encrypted access with individually authorized and enabled encryption keys. We also regularly review security patches according to vendor specifications.
BoardVantage is SAS70 Type II certified. Our documented internal processes have been independently audited to ensure that we have the proper controls in place for provisioning, change control and procedural changes. We not only enforce the separation of roles and responsibilities, and closely supervise employees, we also conduct criminal background checks on each staff member at both the federal and local levels.
