Print this page Print this page

Email this page Email this page

Security

Visible Path Security Statement

Last Revised: 12/10/08


Notice: Visible Path is now Hoover's Connect

In the past, you've turned to Visible Path for connections and networking. Now, Visible Path is part of Hoover's – the leading business information provider. As a result, we're changing our name to reflect our new brand; Visible Path is now Hoover's Connect. Hoover's Connect continues to honor the original Visible Path privacy policy described below.

 

While no computer system can be guaranteed to be absolutely impervious to compromise, Visible Path management takes the security of customer information seriously. To that end, we have employed the following measures to assure the confidentiality, integrity and availability of our customers' information:

  • We host the production systems at a dedicated Internet Hosting Center, which provides carrier class environmental protection including access security, video surveillance, power conditioning, backup power including both battery and generator systems, air conditioning and fire suppression.
  • We ensure availability with fully redundant systems, as well as both local and off-site backup.
  • We use a formal development process including software QA and testing, peer review and release management to provide assurance of data integrity throughout the development lifecycle.
  • Our production system architecture employs multi-zone security designed for greater assurance than a simple perimeter approach, including managed firewall and network intrusion detection at outermost access zone, and defense in depth, including physical, network, host and application layer controls deployed in the web, application and database zones.
  • We employ a minimalist approach to system configuration to ensure that only those protocols needed to support the Visible Path application are allowed through the network access controls, and only those services needed are installed and running on the system hosts, thereby reducing possible attack vectors.
  • All user access to the production platform runs over SSL encrypted channels, to protect customer information while in transit.
  • All administrative access to the production platform runs over SSH encrypted channels, with secondary authentication and role based access. Both stringent password rules and system logging are employed.
  • We protect customer data through multi-tier application architecture, with network access control between each tier, and with application, database and operating system security enforcing business rule-based data access.
  • Our security management program includes formal roles and responsibilities, system review process, monitoring/alerting and incident response plan, staff awareness training, and both internal and external audits to ensure appropriate configuration management and patch application.

Changing the security statement

Visible Path may update this security statement. If we make any significant changes in the way we treat the security of your information, we will notify you via email if you are a subscriber, and will post the updated security statement on the web site.

Questions or comments?

Please email us at privacy@hooversconnect.com or contact us at:

Visible Path Corporation
Attn: Privacy
650 Townsend St, Suite 675

San Francisco, CA 94103