Safe Data. Sound Security.
ngDesk recognizes the critical importance of keeping your data safe. All of our data centers follow industry best practices, back up daily, and use scrambled data when running tests. ngDesk also follows a number of compliance protocols to match the most rigid industry security requirements.
ngDesk boasts data centers across the globe, including the United States (Dallas), Canada (Toronto), Europe (Amsterdam), China (Hong Kong), South America (Sao Paulo), and India (Mumbai). Each of these facilities follow the strictest industry standards to ensure the security and confidentiality of your data.
Secure Data Center
ngDesk servers are hosted at Tier IV or III+, SSAE-16, PCI DSS, or ISO 27001-compliant facilities. These facilities follow industry best practices to ensure complete confidentiality and integrity.
ngDesk’s security team is trained to properly escalate threats 24 hours a day to assist you during security incidents. ngDesk is fortified by a high-quality firewall and router technology as well as anti-network intrusion detector and a secure HTTPS for transportation to public networks. Our networks are composed of multiple layers of security zones, while routine network scans help us detect system intrusions and non-compliance systems. ngDesk employs third-party security to inspect and test our network. Data that flows through our system is overseen by intrusion detector and prevention systems, which are monitored daily and instantly fire alerts. Our production network maintains high security, with multiple authentication methods, frequent auditing, and monitoring from the operations team.
Product Security Features
ngDesk seamlessly integrates into your existing security protocols with authentication and single sign-on features to easily manage access and sharing policies. ngDesk servers also employ the industry standard HTTPS to encrypt all communication over public networks to encrypt all communication with ngDesk servers.
ngDesk Availability and Continuity
ngDesk retains a system-status website that provides information such as system maintenance schedule, history of service down, and other applicable information. In the event that our system is down, we have implemented a crisis retrieval program to guarantee that our system stays up and running. If our main website becomes unavailable, data will be transferred to a backup site until the main site is back running normally. For more on this feature, contact us.
Throughout the year, All Blue Solutions engineers and developers take part in rigorous security training in coding, intrusions, and common security weaknesses. It should also be noted that our operational and development environment is separate from our main work environment.
ngDesk provides various security options, which guarantees that data is both safeguarded and confidential. However, prevention is key to ensuring that the most sensitive of data remains secure. Here are a number of steps you can take to ensure the security of your ngDesk account:
- Block spam material in comments: Fight harmful material from being published by end-users.
- Never disclose login information: Emails, usernames, and passwords are to be kept secret. If password is forgotten, always use “Forgot my password.”
- Review account logs: Track changes such as user suspensions, exports of client data, and changes to user(s) roles.
- Censor payment information in request submissions: Avoid compromising financial information.
- Enable user single sign-on interface: Add an internal login option to authenticate users outside of your ngDesk account.
- Create IP restrictions to ngDesk: Restrict ngDesk log in to a specific IP address.
- Ensure agents monitor their own accounts: Encourage agents to be vigilant of password resets and access from new devices.
- Strengthen agent password security: Set your desired security level to prevent unauthorized access to account.
- Create a cap on the number of administrators: Develop custom agent classification and access privilege to ngDesk.
ngDesk data is backed up daily, logs are backed up continuously during the day, and all backups are replicated to a second data center more than 500 miles away.
We don’t back copy production data to test our software nor do we test using real data. When we do run tests, your data remains in the secure zone, follows secure zone procedures, and the data is masked and obfuscated for testing procedures in non-secure environments.
Your privacy is important to us.
- We will collect personal information by lawful and fair means and, where appropriate, with the knowledge or consent of the individual concerned.
- Before or at the time of collecting personal information, we will identify the purposes for which information is being collected.
- We will collect and use personal information solely for fulfilling those purposes specified by us and for other ancillary purposes, unless we obtain the consent of the individual concerned or as required by law.
- Personal data should be relevant to the purposes for which it is to be used, and, to the extent necessary for those purposes, should be accurate, complete, and up-to-date.
- We will protect personal information by using reasonable security safeguards against loss or theft, as well as unauthorized access, disclosure, copying, use or modification.
- We will make readily available to customers information about our policies and practices relating to the management of personal information.
- We will only retain personal information for as long as necessary for the fulfillment of those purposes.
More ngDesk security features
ngDesk provides permission to certain data on user accounts based on given access privilege classification. ngDesk also allows defined users to block certain IP addresses from accessing specific parts of ngDesk of your choosing. To learn more about this feature, contact us to get start started. Communication between you and ngDesk is always confidential and secured through a trusted HTTPS network. ngDesk provides Domain Keys Identified Mail (DKIM) and Domain-based Message Authentication, Reporting and Conformance (DMARC) when sending outbound emails through ngDesk to prevent deceptive emails. Our system also protects user information by automatically redacting both credit card and social security numbers from ticket information.
Employee vetting and confidentiality
All Blue Solutions conducts frequent mandatory background checks on both new and current employees (including individuals under contract) in accordance with local and state laws. Background checks are comprehensive and include criminal, employment, and education history. Employees are also required to sign non-disclosure and confidentiality agreements as a condition of employment.
Employee security training
All employees are given training on security, in accordance to Health Information Trust Alliance (HITRUST), and Health Insurance Portability and Accountability Act (HIPPA) policies. Employees are also trained on in-house security polices and learn how to protect sensitive data when operating technological equipment and company provided mobile devices.
Bug Bounty Program
Through our Bug Bounty Program, we encourage security researchers to safely test and notify ngDesk of security vulnerabilities. If a reported bug is validated, the user will receive a cash reward. Find a bug? Report it here.