The BMBY System allows for access & management of data from any point in the world from every computerconnected to Internet without any previous installation of software, receiving online information and execution of commands subject to authorizations.
Within the system, available to you, are installed the most advanced means of securing activities, protecting privacy and classified data and information.
- System Identification:
Entrance to the system by means of user code, personal password and USB Key (optional).
- Communications Encryption:
Information transfers between the Server and client via 128-bit encryption SSL communication.
- Database Server:
Access to customer data protected by means of advanced hardware and software security systems.
- Security Elements:
Screening on the level of communications (Firewalls, Routers etc.) and infrastructural elements of defense and filtration applications.
- Inspection and Control:
Means of on-going inspection and control of Server communications.
- Periodic Security Check:
Implemented by an expert from an exterior company specializing in this.
- Physical Defense:
The Servers are installed in an advanced protected facility defended as per international standards
bmby Software Systems implements stringent information security strategy and is among the few companies in its field competent information security standard ISO 27001. As a result, the management team and employees are committed to quality execution of this strategy is also reflected at the level of infrastructure, physical security, computing, procedures and processes used by the organization. The high level of security is maintained at all times in carefully monitored twice a year by an external audit of the Israel Standards Institute.
- Applicative CSA certification (Certified Secure Application) and compliance with the international standards of the EC Council. Hence all the systems, the procedures for backups (external sites secure) encryption, set the DRP (Disaster Recovery Plan) and the development of Heather
- Various software – meet the most stringent international standards of information security.
- Overseeing all external sites secure infrastructure (buildings photographed, with entry control complex, rigorous access restrictions, and staffing 24/7/365); All information is backed alternative sites, including RAID Redundancy backup communications, and maintenance without downtime for the customer.
- Disaster Recovery Plan / Business Continuity Plan – all information is backed up fully (Full Redundancy) at two different external and secure.
- Physical security of the sites includes armed guards, walls peanuts and Mborzlim (Bullet Proof) at a confidence level of safety deposit boxes, elaborate fire extinguishing equipment, means of backup power, UPS and industrial generators.
- Physical compartmentalization between servers: each client assigned to servers that are dedicated to him, and at the level of individual physical access to any other servers.
- Maintenance at all sites – the main alternatives, including Patch Management.
- Current backups of all data on all websites.
- Gateway Security includes firewall (IDS (Intrusion Detection Systems and IPS (Intrusion Prevention Systems).
- Protection from DOS to DDOS (Denial of Service / Distributed Denial of Service) – All attacks are stopped, filtered and fanning at the level of the Gateway.
- Anti-virus software at all levels of the information chain – servers, Gateway and Clients (end stations).
- Database security, secure overall scheme of the database of each client, and review (DBA (Database Administrator pool.
- Overall access security policy of stringent password strength (change, complexity, length, etc.), and strict regulations limiting the access occurred. Access to information sensitive in nature is limited and is allocated only a minority of senior officials and licensed in accordance with security clearances, whose work requires access to this information.
- As an essential part of the development process in Bambi, software development processes are being made in implementing information security. Thus, the development of dedicated client software are made under the Security Code Review to ensure attention to every element of security throughout the information chain.
- HR – Company leader stringent recruitment processes and their assessment of the current, which include rigorous reliability testing employees before recruitment and during their employment (background check, reliability assessment, polygraph test relevant employees, etc.). Training for new employees and refresher courses are held periodically to make sure that every employee knows and rooted duties and obligations to the Company and its customers.
All information security system Bambi subject to external and internal audits frequently – by the Standards Institute, the company’s customers, and unannounced inspections of non-sampling accompanied by professional information security company – ensuring consistency in maintaining the highest level of security over time.