Physical, Logical & Network Access Controls for Giva's Asia Pacific Data Centres

Giva's security approach uses a comprehensive multi-tiered security strategy to protect data with a multi-tenant infrastructure to manage costs for our customers. Giva's cloud help desk software is compliant with security and privacy standards including PCI, SSAE 18, and Privacy Shield.

Physical Access Controls of Data Centres

  • Physical Security
    • Restricted Parking / Premises
    • Restricted Access to the Facility
    • No Signs Identifying the Data Centre
    • Security Guard 24x7
    • Photo ID Required
    • Sign-In / Sign-Out Process
  • Data Centre Security and Facility
    Access Rights
    • Restricted Access to Facilities
    • Biometric Access Required
    • Signs Posted for Restricted Access
    • Unique Access ID for Each Employee
    • Process for Granting/Revoking Access
    • Escort Required for Visitors/Vendors
    • Reconciliation of Staff with Access
    Access Tracking
    • Live Monitoring of Accesses
    • Digital Log of Door Accesses
    • Written Visitor Log
    • Camera Placement at All Door Access
    • Points, Aisles/Cages
    Data Protection
    • Shredders to Destroy Sensitive Documents
    • Server Cabinets Secured
    • Network Cables and Sockets Secured

Logical Access Controls

  • Separation between each customer's data
  • Separate & Defined Server Roles
  • Access control and logging for all access to servers with PHI
  • Firewalls between Public/Private Server Zones
  • Documented Policies/Controls
    • Access Control
    • Password Management
    • Firewalls
    • Virus Protection
    • Data Classification
    • Encryption
    • Retention
    • Destruction
    • Production Change Management
    • Incident/Problem Management Program
    • Security Incident Response Plan
    • Risk Management

Network Access Controls

  • Firewall
    • Firewall redundancy
    • Point to Point VPN Tunnels
    • SSL VPN Remote Access
    • Dual Factor Authentication
    • 3DES Encryption
    • IPSEC Tunnels INGRESS and EGRESS Filters
  • Network
    • Private VLAN
    • DMZ Zone for public services
    • Internal Zone for private server
  • Intrusion Prevention
    • Intrusion Detection
    • Intrusion Prevention
    • Prevention of "Phone Home bots"
    • DDOS Mitigation
    • SSL Offload IDS/IPS of SSL traffic
    • Web Application Firewalls for OWASP 10
  • Enterprise - Anti-Virus
    • Enterprise Grade Anti-Virus
    • Host-based intrusion prevention
    • Centralized Reporting
    • Abnormal Process Logging

Learn More About Giva's Asia Pacific Data Centres

HIPAA-Compliant Data Encryption
Data Encryption
HIPAA-Compliant Onsite & Offsite Encrypted Backups
Onsite & Offsite Encrypted Backups
HIPAA-Compliant Physical, Logical & Network Access Controls
Physical, Logical & Network Access Controls
HIPAA-Compliant Vulnerability Management & Logging
Vulnerability Management & Logging
HIPAA-Compliant Defined & Tested Security Policies & Procedures
Defined & Tested Security Policies & Procedures
HIPAA-Compliant SSAE 18 SOC II Type 2 Certification
SSAE 18 SOC II Type 2 Certification