Internet security firm ICSA.net
Wednesday certified that Digex, Inc. is a
truly secure application service provider.
Digex (DIGX)
was awarded TruSecure Management
Service Providercertification. In order to certify Digex was required to
meet strict security standards on its systems. The designation is reserved for
those firms that rigorously comply with security adherence procedures and maintain
a well-documented security regimen.
Earlier this year, Digex teamed with ICSA.net and other service providers to form the Alliance
for Internet Security. The group wanted to enforce tough security
standards to protect their networks from attempts to use their systems as launch
pads for attacks on other organizations.
Digex is the first organization to complete the ICSA.net
certification. Dave Capuano, ICSA.net product manager said 5 to 10 of the larger Internet
Service Providers should be certified in the next six months.
Adam Joseph, ICSA.net president and chief executive officer, said
Digex demonstrated secure capabilities and provides a truly “locked-down” environment for its clients.
Pamela Fusco, Digex security officer, said Digex is committed to
establishing and maintaining peak levels of security in every Managed Hosting
Solution implemented.
“The ICSA recognition of approval confirms our position as a leader
in Web and application hosting,” Fusco said.
Digex security was evaluated for its performance on
Internet-connected system devices including modems and firewalls, Web servers, SMTP gateways and FTP servers to ensure that no vulnerabilities existed. The Digex Local Area
Network (LAN) design was reviewed for accurate segmentation of traffic and
management control.
Digex internal operations, user systems and physical access
permissions for critical devices were analyzed to guarantee that its security
procedures were enforced and functional. Digex also had to test its anti-virus
verification procedure to ensure that the entire environment remained virus free.
But the TruSecure certification process does not stop with hardware
and software. Digex Human Resource policies were reviewed to ensure that appropriate
background checks were conducted at each employment level. This security measure
is of particular interest to Digex clients since is was revealed last week
that the online credit card thief who called himself “Curador” worked as an
e-commerce consultant.