Packcity - Indoor

  • FAQ

    Yes, at least once a year or on customer request (at customer expense). Results are analyzed, and Patch management is applied to correct issues if discovered.

    Each exposed component is hosted in its own DMZ. Explicit firewall rules between DMZ are applied to allow known traffic only. Access to database server is limited to requests only from these DMZs.

    The servers and web site are based on LAMP (Linux / Apache / MySQL / PHP) servers.

    Packcity committed uptime availability is 99,5%, on a yearly basis, excluding routine maintenance and downtime from interruption, termination, or failed operation of the Internet,
    private intranet, or of third-party telecommunication services and force majeure events.

    We review applications for security vulnerabilities and address any issues prior to deployment to production.

    Once an issue is identified, our process is to place issues into our current sprint for development. 

    Once item has been developed it will be subject to peer code review and then will be passed to QA department that will review and test items. 

    A hot-patch is generated for the solution in to our production environment for urgent patches.

    Physical data center access is only restricted to authorized employees. All employees who need data center access must first apply for access and provide a valid business justification. These requests are granted based on the principle of least privilege, where requests must specify to which layer of the data center the individual needs access, and are time-bound. Requests are reviewed and approved by authorized personnel, and access is revoked after the requested time expires. Once granted admittance, individuals are restricted to areas specified in their permissions.

    All equipment is checked upon arrival. Visitors are screened upon entry to verify their identity, and in shared situations, are escorted to their appropriate locations.
    We also restrict personnel access to all hypervisor management functions or administrative consoles on the principle of the least privilege.

    More FAQ's...