Data Security Policies

Orange ISP About

SECURITY POLICY

 

Data Security Policy

Orange ISP’s products are built with security at their core.

 

Data Storage Site Security

The sites where your data is stored, including data centers, offices, and off-site storage facilities, will have appropriate and physical security controls.

These measures include:

  1. Physical access to our data centers, where customer data is hosted, is limited to authorized personnel only. Access is verified using biometric measures. Physical security measures for our data centers include on-premises security guards, closed-circuit video monitoring, man traps, and additional intrusion protection measures.
  2. Orange ISP maintains a business continuity and disaster recovery program to ensure services remain available or are easily recoverable in a disaster. These plans are tested and reviewed at least annually.

 

Network Security

The networks on which your data will be transmitted will be protected from unauthorized access or infiltration, either internally or externally.

The measures that will be taken to ensure this includes:
  1. Running periodic external and internal vulnerability scanning and informing the relevant data exporter of any issues.
  2. Maintaining perimeter defenses such as firewalls and data loss prevention solutions.
  3. Maintaining internal defenses, such as security information event management, involves analyzing log files to identify anomalous behavior and other threats.

Platform Security

The technology on which your data is stored, including servers, workstations and laptops, cloud service, and other portable media, will be protected from known threats by:

 

The measures that will be taken to ensure this will include:
  1. Ensuring anti-virus or anti-malware systems are implemented and kept current for all operating systems.
  2. Ensuring operating systems have secure configuration.
  3. Maintaining internal defenses, such as security information event management, involves analyzing log files to identify anomalous behavior and other threats.

Data Access

Your data will be accessed only by Orange ISP authorized personnel through such means as:

 

The measures that will be taken to ensure this will include:
  1. Use unique usernames and passwords to access the IT systems that host your data, including multiple authentication factors, to access IT systems remotely.
  2. Implement security policies to ensure that passwords are not shared and that systems’ passwords are changed periodically in accordance with recommended best practices.
  3. Ensuring access to your data is authorized and approved.
  4. Ensuring there is a clear segregation of duties between users.
  5. Ensuring access is granted on a least privileged basis.
  6. Terminating access where appropriate.

Data Processing

We will enforce appropriate aspects of good security practices when processing your data.

The measures that will be taken to ensure this will include:
  1. Maintaining and enforcing policies on the secure handling and care of data and ensuring that such policies are known to all Orange ISP employees through awareness training.
  2. Ensuring that developers are trained and updated in security coding techniques.

Staff and 3rd Party Security Procedures

 We will ensure and maintain the integrity of personnel accessing your data by:

 

These processes include:
  1. Assessing the reliability of Orange ISP employees with access to personal data.
  2. Perform background checks and implement a 100%-transparency culture from the top (senior leadership) down.
  3. Maintaining and enforcing policies on the secure handling and care of data and ensuring that such policies are known to all Orange ISP employees.
  4. Have employees and contractors sign confidentiality agreements before accessing your data.
  5. Review any policies we will use to ensure appropriate security measures are in place.
  6. We ensure any third party adheres to the minimum controls prescribed by our information security policies.

Availability and continuity

We have established a set of data breach security procedures that include the following elements:

 

These processes include:
  1. Detection: Establishing the facts of the incident and creating a diagnostic, containment, and communications plan for those whose data has been affected.
  2. Containment: Limiting the extent of the data compromise.
  3. Eradication: Removing all hostile code/configuration aspects, if applicable.
  4. Recovery: Restoring data and system to a known good state without vulnerability.
  5. Review: Assessment of how to avoid similar incidents in the future.
  6. Notification: Informing relevant interested parties of the data breach within legal and industry-acceptable obligations and time-frames.

Staff and 3rd Party Security Procedures

System availability is our top priority. We maintain multiple geographically diverse data centers and have implemented robust disaster recovery and business continuity programs. Each client defines their disaster recovery with various options depending on recovery availability and speed. Please see your account team or our Service Level Agreement for more information on our service levels.

 

 

Security built upon a strong foundation

As an end-to-end cloud-native platform, our products and services leverage the state-of-the-art security provided by Orange ISP and Google Clouds to keep your data and our products secure.

 

Multi-homed with multiple diverse redundant 10+Gbps links cross-connected into Verizon, ATT, GTT, Hurricane Electric, Internap, Cogent, and Spectrum ISP fiber optic networks. Having a substantial infrastructure foundation allows Orange ISP to maintain incredible Cloud speed response timing, more up-time, low latency for company operations, customers systems, and customer-customers experience.

Orange ISP is an American family-owned, small business, equal opportunity employer, and privately held corporation based in Los Angeles.

OUR CUSTOMERS

100% reviews across Google+,
Yelp, LinkedIn

“Orange ISP has been our 5-star luxury hotel DIA provider for over 9+ years and our Cloud and Managed IT provider for 8+ years (from 2012). Since we have been working with Orange ISP our infrastructure has stabilized and our network is secure. Orange ISP handled an office expansion for us with no issues. We highly recommend their Managed IT services because they provide hands-on support. All calls go directly to a certified engineer and trouble tickets get resolved quickly and precisely.”

Senior V.P 5-Star Hotel & Resort Beverly Hills & New York.

ABOUT US – Parent Company

Global IT Communications, Inc

We are an IT team of technically-minded professionals with specialties in Enterprise, Data Center, and business IT operations that strictly adhere to industry-leading service management methodologies such as ITIL. Each of us has a track record of success in our given fields, and we all feel passionate about using our skills-sets towards a worthy cause. We come from different places, have different backgrounds, and own diverse experiences. Still, we all come to work every day as a team, knowing we’re working on significant, complex problems together while helping companies manage and control IT operations efficiently.

Contact Us

Did you know that in the 1930’s Los Angeles was known as the “Orange Empire”?, well, Orange ISP is bringing it back.





    Add Your Heading Text Here