Software data security
Good data security is a crucial part of the Procountor financial administration software’s development and service provision. Data security includes the external and internal security of servers, verification of data in the service, the testing and monitoring of hardware and software, the confidentiality obligation of personnel, user identification and the encryption of data communications related to the software.
Server data security
The Procountor production environment operates on dedicated servers to which only authorized persons have access. The maintenance of our production servers is the responsibility of DataCenter Finland Oy. DataCenter is a leading Finnish data center and IT service provider with solid experience of the demanding insurance, bank and telecommunications businesses. DataCenter provides a secure and uninterrupted environment for service production by Procountor.
The data center containing Procountor’s servers complies with the Finnish Communications Regulatory Authority’s 48B/2004M requirements for critical hardware rooms, and is thus appropriate for business critical systems requiring a high level of data security and usability. The data center service includes a high-quality power supply with backup power, cabling, ventilation, a fire protection system and physically secure facilities.
User rights to servers, databases and information systems are secured through company, group and employee-specifically defined access rights. Use of database traffic interfaces from external networks has been prevented.
Uninterrupted operation, safeguards and control
Particular attention has been paid to uninterrupted operation and fault tolerance in Procountor’s server environment. Fault-tolerant, duplexed components are used in server hardware, and the disk systems in particular have been built to eliminate disruptions caused by physical disk errors. High usability of data communications services has been ensured through a duplexed firewall and internet connections routed through the backbone networks of two operators.
Backup copies of all Procountor databases and files are made daily in a separate fire area, and changing data is constantly replicated onto a backup server, which minimizes the disruptions caused to service provision by hardware failure, etc. The server room and service provision status is monitored around the clock so that any problems can be identified and addressed as quickly as possible.
Professional competence and confidentiality obligation among personnel
Procountor personnel involved in service production receive training in the areas specified according to their duties. All personnel working with confidential customer information have signed non-disclosure agreements.
User identification and rights
Users of Procountor software are authenticated using personal usernames, passwords, and single-use passwords for individual sessions. User rights can be flexibly defined by user and function. Data transfer between Procountor servers and users’ computers is encrypted using HTTPS technology.
Users must not disclose their personal usernames, passwords or single-use passwords to others. Procountor never asks users to disclose their passwords, single-use passwords or other confidential information by e-mail or other means. Issues related to the use of Procountor are communicated through main users and with news items that are displayed upon login.