Diligent Boards Data Regions and Protection

Diligent Boards utilizes colocation data center services in the United States, United Kingdom, Canada,
Germany, and Australia. Diligent owns and operates the infrastructure and the colocation vendors provide Tier 3 redundant utilities and environmental controls, as well as physical security controls.
Diligent infrastructure resides in its own dedicated, locked cage in the data center. 

Data Center Physical Security

The colocation data centers feature the following security controls: Man-trap entry, onsite security officers, PIN and card readers, biometric readers, CCTV surveillance, and motion detection. Security systems have a dedicated uninterruptible power supply, plus backup power generation. Access by Diligent staff requires registration with the data center, prearranged visit ticket, and 2FA to enter the data center and equipment cage. Access to the facilities is reviewed annually. The colocation data centers feature the following operational controls: redundant power feeds, UPS systems, backup generator, fire detection and suppression equipment, leak detection systems, and redundant HVAC systems.

Infrastructure

At the infrastructure perimeter are redundant firewalls with integrated Intrusion Detection/Prevention System (IDS/IPS). All connections into the application environment terminate on reverse proxy appliances which provide load balancing and redundancy. These appliances also segment the service tiers and restrict ports and protocols to only those required for the application. Data movement among different networks segments inside of data centers are controlled by network firewalls by implementing application specific policies. Servers within the environment are protected by both signature- based and heuristic-based end-point protection tools. Data storage utilizes a scalable high-performance Storage Area Network (SAN). All data uploaded is continuously replicated to a secondary data center to allow for business continuity and disaster recovery. Both infrastructure environments are continuously monitored for uptime, performance, security, and capacity. Monitoring is performed by Diligent’s 24/7 Operations Team using logging, automated alerts, and dashboards.

Availability

Production infrastructure is implemented with many high availability features including clustered servers for each application component, load balancing among the components, and real-time application and infrastructure monitoring. The redundant and modular design of the system also allows Diligent to perform most maintenance tasks without interrupting the service.

Web Application Firewall (WAF)

Diligent’s application servers are protected by a next generation web application firewall (NG-WAF) to automatically detect and prevent OWASP top 10 attacks such as SQL Injection and Cross Site Scripting (XSS), as well as other malicious activities, including Path Traversal, Denial of Service, Malicious bots, API Abuse, and more.

Distributed Denial-of-Service (DDoS) Protection

DDoS protections are in place to protect the most critical assets based on risk assessments.

Backups and Disaster Recovery

Diligent has a documented Business Continuity and Disaster Recovery Plan. The plan includes a Disaster Recovery Site for production and corporate functionality, provisions for alternate work locations, assigned roles and responsibilities, provisions for pandemic/mass absenteeism via geographically remote sites, and customer notifications of a Disaster Recovery situation. The plan is reviewed and tested annually.

The backup schedule consists of daily differential backups and monthly full backups. Primary and secondary data center databases are kept in sync through disk-level replication. In addition to replication, customer data is backed up at the primary data center and then replicated to the secondary data center. All backup data is encrypted and stored online at the data centers. Backups are kept for 60 days. No tape or other media is used, and no third- party storage providers are used.

Data Availability

The maximum acceptable length of downtime for the service is four hours, even in the event of a disaster. The system recovery plan is tested to ensure this target can be met. The maximum acceptable length of data loss is currently considered to be four hours, even in the event of disaster. Therefore, backup intervals are configured to allow for loss of customer data of four hours or less, depending on the time of system failure.

Data Privacy

Customer data is considered confidential information and is handled securely by Diligent personnel. Customer data is never copied to assets outside the production environment, including employee laptops.

Any troubleshooting that needs to be performed on customer data is performed in the customer’s environment. When Diligent personnel need access to a customer environment, a ticket is generated indicating that the Customer has authorizing and enabling Support to access the instance, why the interaction was necessary, and what work was performed.

Actions by Diligent personnel on a customer’s system are limited to resolving the customer needs, and nothing more as the Customer is responsible for granting the authorization to access Customer material. Once a customer is satisfied with the result, and the ticket is closed, access is removed. We collect only the minimum personally identifiable information necessary from your licensed users for purposes of account set-up, access to product resources, and system administration.

Data Retention

Boards client data is retained for the duration of the service contract. Aside from the contract, data retention is controlled by the customer. Customers can delete data from the database at their discretion. At the termination of the contract, the customer’s database will be deleted on the production servers and backups will be removed promptly. Diligent can assist customers with downloading their data in PDF format before the end of the contract.

Data Destruction

At termination of contract, Diligent ensures that the customer database, and any backups, are rendered unrecoverable and securely removed from storage. Diligent will provide customer with confirmation of their site’s deletion.

Data Jurisdiction

Customers can choose from a selection of countries to have their data hosted in. Hosting environments are physically and logically separated. Each environment is provisioned within a single country, consisting of a primary and secondary data center. There is no mechanism or configuration to replicate data to another hosting environment in a different country.