Security


CIS Continuous

Improvement Software

Security - Protecting

Your Information 24/7




CIS Software is a complete management and document control software system that offers our clients a complete cross platform solution to manage their complete organization. In fact, CIS is referred to as an "Enterprise Solution".

With that in mind, the security of our customer's information is the most important concern of all our developers and designers. It is for that reason alone that we have outsourced our software to what we consider the best available service in the United States of America. OpSource is our provider and you may visit their web site by clicking on their logo in the top right corner of this page.

The following two documents may be downloaded and provide an overview of the security in place at OpSource and their SAS-70 Security Certification.
SAS Security Certification

OpSource Security Explanation

Of course security is not only localized at OpSource. We at CIS Software have implemented the following security policies to further ensure that there is no un-authorized access to our customer's information.

1.  OpSource has 100% control of our CIS software system;

2.  OpSource makes all revisions to the systems and they require us to provide them with the revisions and explanations;

3.  Our programmers do not have access to the server without first requesting this access from OpSource who will:

a.  Provide the access when reasonably required to assist OpSource;

b.  Provide access for an agreed time, period  and date;

c.  Track and record every movement of our programmers while they have access to the server.

4.  Our developers and programmers will only have access to the test (Beta) web which is not located at OpSource. We use the beta web to implement new features and test them to ensure 100 % conformance to our specification;

5.  OpSource requires our programmers to reproduce any problem on the beta web and provide them the solution to be implemented on the live systems by OpSource;

6.  OpSource does not have any passwords to access customer’s systems and if it became necessary for them to access a customer’s system, they would make this request to CIS Head Office who will would forward the request to the applicable customer. The customer will be responsible to provide by e-mail directly to OpSource a login name and password to their system and to suspend this login immediately after the testing or investigation of the problem is completed;

7.  We have Non-disclosure agreements within our contracts with the programmers, server companies and all Master Distributors and CIS Certified Consultants.

 

We would like to point out some further notes about security and confidentiality of information. We have always included this subject in each of our start-up seminars and we discuss it in the training video on document and control. The absolute best control is when a company controls the access to open a document. All software programs and windows provides for the ability to assign passwords to documents so that they may only be opened by users knowing the passwords. The encryptions today are impossible to crack. We suggest different levels of passwords to reflect different levels of authority. If a document is truly sensitive, it should have a password to enable authorized personnel only to open it. Larger firms will password-protect all sensitive documents. This ensures security across all platforms including managers and employees who may have access to this sensitive material but can not open the material without the proper password. This is actually a requirement in the food industry and is common-place when dealing with company recipes. When some one leaves the company, their access to CIS should be suspended and consideration to change the document passwords should be evaluated for risk potential.


OpSource


OpSource is the company we use to manage and host CIS Software, a SaaS Product.

Managed hosting and ASP delivery are so yesterday. Today, Software-as-a-Service and Web 2.0 success is all about creating innovative applications and services, and selling and marketing them like a Web company - not about building infrastructure and operation staff. SaaS and Web 2.0 companies need a partner that does more than just manage servers, they need a business partner that delivers applications over the Web.

OpSource is focused exclusively on software as a service application delivery over the Web. This is why some of the largest software companies in the world, as well as some of the fastest growing Web 2.0 companies, have chosen OpSource as their Web application delivery partner. OpSource provides everything but the application, and is the only Web application delivery company whose customers pay only for what they sell, not for the resources they consume.


 

 

Copyright 2005 CIS Software- All Rights Reserved •  Privacy Policy • Legal Statements • Last Update: 08/12/2008