Giva's network security standards
Dedicated security team
Giva and DataBank's security teams are constantly monitoring our server infrastructure 24/7 to make sure that all is safe and secure. Anything that appears unusual is quickly investigated, and we use automated alerts to be proactive.
Network protection
DataBank provides network protection through their security services. They engage independent third parties for penetration testing on an ongoing basis to get an unbiased review of their network security. We use Cloudflare for additional security to monitor and block malicious traffic and network attacks.
Network security architecture
Giva's network security architecture has security zones for each of the sensitive systems like database, web and storage servers. We calibrate sensitivity, function, and risk to determine what other security zones are necessary for other key subsystems. We apply monitoring and access controls that apply to all the security zones as well as DMZs between different security zones.
Network vulnerability scanning
DataBank is continuously performing network vulnerability scanning to quickly identify any potentially vulnerable systems.
Third-party penetration tests
Multiple time each year DataBank uses third-party, independent security experts to perform comprehensive penetration testing.
Security incident event management
Our security systems generate logs from all important parts of the network, and they are integrated with alert triggers to notify the security teams for investigation and response.
Intrusion detection and prevention
All key points of our network within DataBank are monitored to detect abnormal traffic patterns and behavior. After key thresholds are crossed, alerts are generated and sent to the security teams. We use regularly-updated signatures based on new threats that we get access to by leveraging DataBank's relationship with the US Government.
Threat intelligence program
Giva and DataBank participate in several threat intelligence sharing programs to enable monitoring of threats posted and take action when necessary.
DDoS mitigation
DataBank has a proprietary architecture for DDoS mitigation. They have a deep partnership with Cloudflare that provides network edge defense.
Logical access
Giva's production network is highly restricted and utilizes least privilege and is monitored on an ongoing basis. Any Giva employees that can access the Giva production network must use two factor authentication.
Security incident response
Any system alerts are escalated to our 24/7 Operations, Network Engineering, and Security teams. These employees are trained on security incident response processes and escalation paths.