State-of-the-art digital security.
AssetWatch secures your information using bank-level encryption and password protection technology. We store all your information on a dedicated server. We encrypt using Verisign – the system used by 93 percent of Fortune-500 companies and 40 of the world's top-100 banks.
Sophisticated physical security.
Sophisticated technology and strong physical security.
Our application is hosted in the Microsoft® Azure® data center Design and Operational Security.
Microsoft has developed industry-leading best practices in the design and management of online services, including:
- Security Centers of Excellence. The Microsoft Digital Crimes Unit, Microsoft Cybercrime Center, and Microsoft Malware Protection Center provide insight into evolving global security threats.
- Security Development Lifecycle (SDL). Since 2004, all Microsoft products and services have been designed and built from the ground up using its Security Development Lifecycle - a comprehensive approach for writing more secure, reliable and privacy-enhanced code.
- Operational Security Assurance (OSA). The Microsoft OSA program provides an operational security baseline across all major cloud services, helping ensure key risks are consistently mitigated.
- Assume Breach. Specialized teams of Microsoft security engineers use pioneering security practices and operate with an 'assume breach' mindset to identify potential vulnerabilities and proactively eliminate threats before they become risks to customers.
- Incident Response. Microsoft operates a global 24x7 event and incident response team to help mitigate threats from attacks and malicious activity.
Security Controls and Capabilities
Azure delivers a trusted foundation on which customers can design, build and manage their own secure cloud applications and infrastructure.
- 24 hour monitored physical security. Datacenters are physically constructed, managed, and monitored to shelter data and services from unauthorized access as well as environmental threats.
- Monitoring and logging. Security is monitored with the aid of centralized monitoring, correlation, and analysis systems that manage the large amount of information generated by devices within the environment and providing timely alerts. In addition, multiple levels of monitoring, logging, and reporting are available to provide visibility to customers.
- Patching. Integrated deployment systems manage the distribution and installation of security patches. Customers can apply similar patch management processes for Virtual Machines deployed in Azure.
- Antivirus/Antimalware protection. Microsoft Antimalware is built-in to Cloud Services and can be enabled for Virtual Machines to help identify and remove viruses, spyware and other malicious software and provide real time protection. Customers can also run antimalware solutions from partners on their Virtual Machines.
- Intrusion detection and DDoS. Intrusion detection and prevention systems, denial of service attack prevention, regular penetration testing, and forensic tools help identify and mitigate threats from both outside and inside of Azure.
- Zero standing privileges. Access to customer data by Microsoft operations and support personnel is denied by default. When granted, access is carefully managed and logged. Data center access to the systems that store customer data is strictly controlled via lock box processes.
- Isolation. Azure uses network isolation to prevent unwanted communications between deployments, and access controls block unauthorized users. Virtual Machines do not receive inbound traffic from the Internet unless customers configure them to do so.
- Azure Virtual Networks. Customers can choose to assign multiple deployments to an isolated Virtual Network and allow those deployments to communicate with each other through private IP addresses.
- Encrypted communications. Built-in SSL and TLS cryptography enables customers to encrypt communications within and between deployments, from Azure to on-premises datacenters, and from Azure to administrators and users.
Enhanced password protection.
Unlike the six-character passwords used by competitors, we enhance security by requiring eight alpha numeric characters. This meets recent recommendations from security experts.
AssetWatch’s security is frequently inspected by an independent third party security specialist.
The AssetWatch system recognizes your computer and if your account is accessed from a different computer the correct answer to a security question will be required.
All of AssetWatch’s management store their critical personal information on the same platform our customers use.