Today’s ever-growing number and size of digital file formats (such as MP3, JPEG, PowerPoint, and more) quickly exceed the attachment size limits of commonly used email applications. This has given rise to the popularity of digital content delivery services that enable companies to easily send these files to customers, partners, and vendors so they can collaborate and conduct business fluidly.

YouSendIt provides the leading solution for business-critical and large file deliveries. This on-demand service is used by over seven million people around the world to reliably send, receive and track documents via the YouSendIt website and from popular applications such as Microsoft Outlook, Office, Photoshop, Final Cut Pro and more.

YouSendIt has implemented a comprehensive, seven-layer security strategy so you can rest assured that your data remains safe and secure at all times. Based on industry-standard security mechanisms and best practices, YouSendIt provides controls at every level of data access, storage, and transfer. This white paper details each layer of YouSendIt’s seven-layer security strategy.

The YouSendIt Seven-Layer Security Strategy

YouSendIt employs seven levels of security throughout its infrastructure to deliver the premier secure, reliable digital content delivery platform in the industry.

Secure, Reliable Data Center Facilities

YouSendIt maintains secure, redundant, state-of-the-art data centers in California, Virginia, and London, England. Each YouSendIt data center facility is protected with double-wall construction and secured with biometric and video surveillance security. Physically protected around-the-clock by on-site security guards, each YouSendIt data center includes raised floors, seismically protected equipment, and water suppression and dry-pipe fire protection technologies to prevent damage or loss from fire, earthquakes, flooding, and other natural disasters.

All servers within each data center are secured in a locked room with access limited to authorized individuals, and every visitor to a YouSendIt data center must not only possess a valid password but also pass a biometric scan to gain entry. Guests and one-time visitors are always escorted by a data center security guard or another authorized YouSendIt employee. The entry and exit time of each visitor is recorded in a secure audit log.

To guarantee continuous, around-the-clock operations, YouSendIt maintains dual, redundant power supplies for every device and system in each data center, including UPS battery systems and diesel generators. Upon failure of the primary electrical power source, the backup power supply takes over, assuring users of continuous service at all times.

The YouSendIt data center facility in London, England is SAS 70 Type I certified, a designation which is granted after an outside audit firm audits a company to ensure it adheres to the specified data protection controls. YouSendIt is currently in the process of securing SAS 70 certification for its other two data centers.

Network Access Control

YouSendIt implements network- and application-level firewalls to provide IP filtering and intrusion detection protection. Every server in each YouSendIt data center is protected with a constantly updated, industry-leading firewall, which blocks all ports except HTTP and S-HTTP on port 443. Port 443 using HTTP or HTTPS is dynamically opened and closed as required. In contrast, competing solutions using Secure FTP or Secure Shell (SSH) require permanently open ports in a firewall, allowing unfettered inbound network commands and leaving the network vulnerable to attack.

Every server in YouSendIt’s data centers is based on the Linux operating system, a secure operating system that is not commonly affected by viruses or malicious attacks.

For additional security, YouSendIt conducts regular vulnerability scans of its internal network to proactively detect and prevent new and zero-day attacks, and all files uploaded to YouSendIt servers are automatically scanned for viruses and other embedded malicious code. YouSendIt proactively notifies the user if a file he or she has uploaded contains a virus.

User Authentication and Authorization

All YouSendIt users must register using a valid email address and password. These credentials are encrypted during transmission and storage using a one-way hash. YouSendIt also requires every registered user to authenticate his or her email address before the user is able to use the YouSendIt service, ensuring that the user has registered a valid email address. Passwords must be more than five and less than 16 characters in length.

When a user requests a password reset, YouSendIt verifies that the correct, authorized user is making the request by sending a notification to the requesting email address that requires a response. In addition, a further notification is sent to the same email address after the password has been reset to verify the password.