You’ll no doubt remember exactly where you were and what you were doing in mid-December 2020 when news broke about the biggest cyber-attack in recent years.
It was certainly a wake-up call for organizations of all sizes; information security should not be treated as an after-thought.
At Techniche, security is at the heart of our technology, processes, and people. Our customers place their trust in our products, and we take all steps possible to safeguard against any malicious behavior.
As a supplier to private, Fortune 500, and S&P companies, as well as government departments of G20 countries, it’s essential we approach the development of our technology, including Statseeker, our network monitoring solution, with security first and foremost.
While some of our security measures must remain confidential, we are pleased to share many of the measures we have in place to protect Statseeker and provide confidence to our customers.
Statseeker Product and Platform Security
Development
- Product security is a key factor in all development processes.
- Our in-house security team monitor the latest industry security vulnerabilities and work with the development team to understand how these could impact the Statseeker platform and our customers.
Product install and updates
- Access to our install files is only available through our sales and support team members.
- Checksum verification is offered for all downloadable install files.
- All updates to a Statseeker installation are initiated by an authorized customer user.
- All traffic between the Statseeker server and customer’s back-up server can be configured for secure communication and encryption.
Platform security
- Our underlying operating system FreeBSD is widely recognized as one of the most secure operating systems available.
- FreeBSD has its own security team overseeing all software shipped in the base distribution.
- Statseeker does not provide out-of-the-box privileged root-level CLI SSH access.
Product security
- The Statseeker server does not depend, initiate or receive any external internet-bound communication by default.
- All web-based communication to and from the Statseeker server is encrypted by default using SSL certificates with best practice key ciphers and key length encyrption. Customers can implement their own signed SSL certificates to manage this web service.
User access
- User access to the Statseeker product can be managed via secure LDAP or RADIUS centralized authentication services as needed.
- User roles and permissions control all in-product access.
A more detailed version of ‘Statseeker Product and Platform Security’ and other security-related documentation is available in our technical documentation library.
In addition, our security team produces a Statseeker Guide to Server Hardening to guide you through the process of ensuring your Statseeker server is as secure as it can be. This guide is constantly updated.