BGL has documented policies and procedures for risk assessment, data security, release management, security operations, incident management, privacy, visitor policy, confidential trash, new employment, employee conduct and termination of employment. Background screening, professional credential checks and police checks are conducted on team members. Policies are reviewed as required. BGL has employment contracts with all team members that comply with the Fair Work Act.
Physical Data Hosting and Security
All BGL client web data is hosted in Australia by Amazon Web Services (AWS). Data is stored across multiple zoned replicas. BGL utilises AWS services that are isolated from BGL’s own internal office networks. BGL uses an encrypted file system so all your data and metadata is encrypted at rest using an industry-standard AES-256 encryption algorithm.
No BGL staff can physically access any of the servers. BGL employs team members who maintain the data and servers housed at AWS. These team members are appropriately authorised to remotely access the servers. BGL regularly reviews these access controls.
AWS’s data centres are state of the art, utilising innovative architectural and engineering designs. AWS has many years of experience in designing, constructing and operating large-scale data centres throughout the world. This experience has been applied to the BGL Hosting Platform and Infrastructure. The Australian data centres are housed in nondescript facilities. Physical access is strictly controlled, both at the perimeter and building ingress points, by security staff utilising video surveillance, intrusion detection systems and other electronic means. Authorised staff must pass two-factor authentication at least twice to gain access to the data centre. All visitors and contractors are required to present identification, are signed in and then escorted by authorised staff. When an employee no longer has a need for access, this is immediately revoked, even if the individual continues to be employed by AWS. All access to the data centres is logged and routinely audited.
When a storage device reaches the end of its useful life, a decommissioning process ensures data is not exposed to unauthorised individuals. AWS uses techniques detailed in DoD 5220.22M (“National Industrial Security Program Operating Manual”) or NIST 800-88 (“Guidelines for Media Sanitization”) to destroy data as part of the decommissioning process. All decommissioned magnetic storage devices are degaussed and physically destroyed in accordance with industry standards.
AWS is built in an environment with extensive and validated security and controls, including:
- Service Organization Controls 1 (SOC 1) Type 2 report (formerly SAS 70 Type II report), with periodic independent audits to confirm security features and controls to safeguard customer data.
- ISO 27001 Certification, an internationally-recognized information security management standard that specifies leading practices and comprehensive security controls that follow ISO 27002 best practices guidelines.
- PCI DSS Level 1 compliance, an independent validation of the platform for the secure use of processing, transmitting and storing credit card data.
- Relevant government agency and public sector compliance qualifications, such as an ITAR-compliant environment.
More information on AWS security can be found at: https://d0.awsstatic.com/whitepapers/Security/AWS_Security_Whitepaper.pdf
No BGL client web data is hosted at BGL’s offices. BGL’s offices are protected by card controlled entrances and monitored alarms, with all actions logged.
BGL clients can share data with BGL support consultants. This can be authorised when a user logs a support call with BGL and selects the appropriate option in the software. This option provides the BGL support consultant with access to fund data for five days. After five days, access is automatically revoked. The client can revoke access at any time.
A personnel security integrity check process is in place for all BGL team members. Access to the AWS production environment is available to authorised BGL team members via a virtual private network (VPN). A least privilege model determines who has access. BGL follows AWS security best practices and rotates access keys. All activity is logged and accounts are reviewed on a regular basis.
Data Backup Controls
BGL web applications use mission-critical databases. Databases are replicated across multiple servers and multiple AWS availability zones.
Data backups occur every two hours during the day. Full data backups are also taken each night. BGL has a documented disaster recovery plan.
BGL web applications are monitored 24/7.
Statuses of all BGL 360 Cloud services and any performance or server issues will be displayed on https://status.bgl360.com.au/
Transport of Data
BGL’s web applications are secured by a Secure Sockets Layer (SSL) certificate, meaning all data transferred between AWS and the Internet browser is done with strong encryption and authentication, the same certification as Internet banking. The SSL connections utilise the latest Perfect Forward Secrecy. This security feature uses a derived session key to provide additional safeguards against the eavesdropping of encrypted data and prevents the decoding of captured data, even if the secret long-term key is compromised. The load balancer utilises the latest industry standard cipher suites. Most major browsers now support these newer and more secure cipher suites. BGL encourages clients to use the latest browser versions that include these stronger cipher suites for communication.
Security and External Vulnerability Assessments
Regular security training is conducted by necessary BGL team members. Open Web Application Security Project (OWASP) methods for security testing are conducted by BGL testers and developers. The application code is regularly scanned for vulnerabilities. BGL’s infrastructure and online software security are regularly reviewed by external security experts.
These highly trained specialists run penetration testing to identify and exploit any security flaws in BGL’s web applications. The testing conforms with the Open Web Application Security Project (OWASP) Application Security Verification Standard 3.0.
A user role and identity system prevents users from accessing data that is not their own. Users can access the system by invite only, with access to information determined by user roles. Access is username, password and MFA protected. Access to BGL web applications is role-based, meaning the BGL client administrator has complete control over who can access data. Users are required to change their password at the first login. Users are automatically logged out due to inactivity after a set period of time.
Logging of User Activity
All user access is logged, including IP address, log-ins, failed log-ins and activity in the application.
BGL enforces complex passwords. See Password Policy for Simple Fund 360.
Multi-Factor Authentication (MFA)
From 01 April 2019 Multi-Factor Authentication will be mandatory for all users.
Privacy of Data
BGL treats all data with the utmost privacy.