What?

Description

Physical Security

Our production equipment is located in Fort Lauderdale , Florida at a facility that provides 24-hour physical security with redundant air and power systems and other backup equipment to keep servers continually up and running.

Perimeter Defense

The network is protected by industry leading firewall and intrusion detection products.

Data Encryption

MIMS uses the HTTPS protocol for encrypted communication between the system and the end user. The lock icon in the browser indicates that the data is fully shielded from access while in transit.

User Authentication

Users access trucetech.com only with a valid username and password combination, which is encrypted via SSL while in transmission. Additional protection is offered through password encryption on the backend.

Application Security

Our robust application security model ensures that each trucetech.com user can only access his or her own data. This security model is reapplied with every request and enforced for the entire duration of a user session. User data is logically separated and with every data and page request, MIMS completes the following security functions:

1. Verifies that the request is being made by an authenticated user;

2. Identifies the user with their specific mediation firm; and

3. Only makes requests to the database using the user specific mediation firm identifier.

For mediation firm users with multiple mediators, further security is provided that separates mediator data. Only the Firm Administrator is able to see all of the firm's data or set mediator specific security levels.

Operating System Security

Trucetech.com enforces tight operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords, and production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security and are hardened by disabling and/or removing any unnecessary users, protocols, and processes.

Database Security

Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is restricted to a limited number of points, and production databases do not share a master password database.

Server Management Security

All data entered into the trucetech.com application by a customer is owned by that customer. Trucetech.com employees do not have direct access to the trucetech.com production equipment, except where necessary for system management, maintenance, monitoring, and backups. The trucetech.com systems engineering team provides all system management, maintenance, monitoring, and backups.

What?

Description

Database Layer

MIMS uses Microsoft SQL Server 2000 to store customer and system data. The database is backed up nightly and pro-actively maintained.

Application Layer

The MIMS Application Layer was developed using Microsoft .Net technology and incorporates embedded security with advanced business logic processees.

User Interface

The user interface is specifically designed for the mediator in mind. The system was developed for mediators and by mediators from the ground up.

Third Party Components

Certain elements of MIMS, such as Document Generation, rely on components provided by third parties.