Privacy of data we host for you
Economic Outlook has a long history of hosting sensitive data for commercial, community and government organisations. We respect and guard the privacy of application data we hold for our clients.
You grant or revoke access to your data stored in Spike3 through its username and password authentication system which supports per user role and scope authorisations. To maintain privacy you must ensure each user has their own account, with appropriate authority, and a strong password that is kept secret.
The Australian CCS system requires a comprehensive exchange of data with the government's CCS systems and staff on your behalf. We may also access your data in order to support our service to you and resolve technical problems. We will not use data you have stored in the system for another purpose or disclose it to a third party without your permission, except where required by law.
The computers record details of system and network activity for technical and operational purposes. Some of these logs may contain small bits of your data such as transaction parameters. Where this occurs we will keep identifiable data confidential.
The spike production servers are located in specialised Data Centres ensuring strong physical and environmental security.
The core hosts are powerful Oracle servers with lights out management for reliability and rapid response to failures. They run a Linux operating system widely acknowledged for its stability and security. No windows systems are deployed within our data centre networks eliminating many common vulnerabilities and network attack vectors.
Our host systems are further hardened by custom building the kernel and utilities from checksum verified source, excluding unnecessary components, and omitting a GUI. They employ a kernel level firewall and offer no services on the internet except a secure shell (SSH2/SSL) maintenance port, creating a hard network boundary.
The spike application and other services accessible from the internet execute inside numerous virtual server security contexts. Running services in isolated "virtual servers" this way, increases security, flexibility and robustness.
Each application server has a private IP on an internal network so can not be directly seen from the internet. Spike viewers, browsers and other clients must connect to a hardened HTTPS proxy server. The proxy examines the request and if valid recasts it to the appropriate application server and passes back the response. Isolated and protected by a proxy server the application servers are never directly exposed to malicious Internet packets.
The spike database servers are independent of the application servers. Updates are continuously "log shipped" offsite providing point in time recovery. The databases are also dumped daily and replicated to a remote host for conventional rotational media backup.
Spare hardware is installed in the primary data centre for prompt response to hardware failures. A second data centre is also maintained for disaster recovery in the event the primary data centre experiences a catastrophic failure.