Mar 28, 2023
10
Quest application and user access
- Web application, users only need modern browser
- Users only access is via the web browser
- Can limit access by IP address to limit access from known locations
- Can limit access by time frame to limit access during "business hours"
- All work is performed by our server
- Users must provide Jurisdiction, User id and password
- Passwords
- can be changed as often as desired.
- can configure to require changed every x days
- length and special character validations can be set and enforced as well
- Can configure automatic user access removal for not signing on in x number of days
- Users are assigned a security access level/group
- Security is very granular.
- Add, Update, Delete, Display
- DOB, SSN separate authorities
- Document level authority
- Supports redaction for Quest documents.
- Data encrypted in transmission
- Gawquest.com certificate issued through DigiCert High Assurance
- HTTPS
- RSA 2048 bit TLS 1.2 encryption over HTTPS.
- We redirect HTTP to HTTPS
- only ports open to the server are 80 (HTTP) and 443 (HTTPS)
- CJIS audit
- FIPS compliant
- Audit logs
- Sign on/off
- Authority changes
- Password changes
- Views of system log
- Bad logons
- User access log
- IBM iSeries
- Secure platform - doesn't lend itself to viruses
- RAID-5 protected
- Dual power supply's
- Full system backups are performed weekly
- Backups are stored offsite in a locked safe
- All database changes are written to a journal and the journals are copied offsite nightly
- Quest is down every Monday morning from 3AM - 5AM CST for a full backup of the system
- Have agreement to use server in another location (at a 911 facility) for co-hosting in extreme circumstance.
- Expedient data center
- 24 hour secured facility. Requires escort to the rack.
- Only two people have access to the rack and signon access to the server
- Server room has fire suppression system
- UPS protected by multiple generators
- Two separate electrical power sub stations feed the building and provide dual power
- sources to the server cabinet.
- Multiple ISPs feed the data center providing access to GAW with automatic switch over
- SOC 1 & 2 report