Our Partners close more business.

Use these powerful resources to win more business, faster, with less effort.  
Call 877-411-2220 x121 for personal support with any opportunity.

RESET SEARCH

Hosting Quote Estimator

GET a FREE Sandbox or Trial Environment NOW

How To Use This Tool:  

To find answers to common RFP and RFI questions, select a tag, or, search for terms like "security", "performance", etc.  You will find common questions and answers grouped together in one record.  Follow the tag links to refine your search.  Supporting downloads and documentation are available, below.

Please login to obtain download access to additional supporting documentation.  Registered users can also contribute to the database.  You can request access by Contacting Us.

Supporting Documents

Please note that assets with generic thumbnail require login for access.  If you require access please Contact Us.

Name  Size 
Omegabit - Why Hosting Liferay is like Airplanes 29MB
Omegabit Brochure.pdf 5.7MB
Omegabit Disaster Recovery PlanTOC.pdf 206k
Omegabit employee-handbookTOC.pdf 158k
Omegabit Generic SOW-SLA_GENERIC_for_PDF.pdf 2.5MB
Omegabit Information Security Questionnaire 2.1.docx 178k
Omegabit IT Security TOC.pdf 270k
Omegabit IT_DisasterRecoveryPlan_2.3-detailed-preened.pdf 470k
Omegabit Org Chart6-17.pdf 16k
Omegabit PerformanceOpt16-17.pdf 158k
Omegabit Security16-17.pdf 210k
Omegabit Value Proposition.pptx.pdf 3.6MB
SOC 2 Type 2 - Digital West - 2016 - FINAL-1.pdf 958k
Why Omegabit Liferay Hosting.pdf 762k
 

© Omegabit LLC, 2023

Enter a Search Phrase or Select a Tag


Content with tag encryption .

Data Encryption

Q:

How is the primary data encrypted?

Do you employ cryptographic mechanisms to protect the confidentiality and integrity of information at rest or in storage?

Do you have a process in place to establish and manage cryptographic keys?


A:

Data encryption is supported as a special requirement in the runtime. All backup and archive storage is encrypted. Typically, it is most practical and efficient to consider satisfying any encryption requirements inside Liferay at the metadata storage level during the application design phase. However, Omegabit is able to accommodate bulk file-system level storage encryption in the runtime on a needs basis.

 

This is documented in Omegabit Internal Operations Wiki


No comments yet. Be the first.
7/14/17 encryption data loss prevention data storage data encrytion crytographic keys

Mobile device encryption

Q:

Do you employ full-device encryption or container encryption to protect the confidentiality and integrity of the client information on mobile devices?


A:

IPSec, SSL, SSH (256-bit)


No comments yet. Be the first.
7/18/17 encryption ssl ssh

Passwords

Q:

Do you encrypt passwords in storage and in transmission?

Do you enforce password reuse conditions and minimum password complexity (e.g. minimum password length, mix of upper and lower case letters, numbers, and special characters)?

Does the application support strong complex password authentication (example: uppercase/lowercase, numbers, symbols)?


A:

SHA-256 or better using non-deprecated, modern ciphers for all relevant connections.

This is addressed in the Client SLA, Omegabit Operations Policy Guidelines and Recommendations, and are adaptable per Client requirements. The default practice for Omegabit includes strong complex non-repeating 15-character passwords.SHA-256 or better using non-deprecated, modern ciphers for all relevant connections.

Yes; is enforceable by custom policies that are easily managed by the Lifeay Control Panel.

Omegabit implements and follows strict, PCI compliant password policies by default.


No comments yet. Be the first.
10/4/18 password encryption sha 256

Personnel & Contractors - Security Policies

Q:

Do you have Mobile Device / BYOD / MDM Document?

Do you have Workstation Security Document?

Do you have Acceptable Use Policy?

Do you have Access Control Policy?

Do you have Remote User Policy?

Do you have a Password Policy?

Do you have an Encryption Policy?

Do you provide Personnel Security Training?

Do you have documented personnel security policy and procedures?

Do you have a Clean Desk Policy?

Are system support personnel trained on security responsibilities based on their role?


A:

This is documented in Omegabit Employee Handbook, Section 6. Rules of Conduct

This is documented in Part 2, Section 1, Workstation Security Policy, IT Security Handbook

This is documented in Part I, Section I, Acceptable Use Policy, IT Security Handbook

This is documented in Part 3, Section 3, Remote Access Policy and Part 3, Section 2, Bluetooth Baseline Requirements

This is documented in Part III, Section 3. Remote Access Policy, IT security Handbook

This is documented in Part 1, Section 8, Password Construction Guidelines, IT security Handbook

This is documented in Part 1, Section 5, Acceptable Encryption Policy, IT security Handbook

Personnel Security is covered as a component of onboarding and training as it relates to work environment and surroundings. And, is also a notable component of info security training as it relates to the an individual's perceived value or risk as it relates to access to information.

ref: Omegabit Employee Handbook

This is documented in Part I, Section 2. Clean Desk Policy, IT Security Handbook

Yes


No comments yet. Be the first.
7/18/17 security personnel and contractors mobile byod workstation acceptable use access control remote user password encryption policy security training role

Wireless Connections - encryption

Q:

Are wireless connections encrypted using WPA2 or higher?


A:

Any secure communications are further tunneled and wrapped in either IPSec or SSH depending on the nature of connection. All wifi connections including LAN Wifi are hardened similarly as with public or unprotected network links.


No comments yet. Be the first.
7/18/17 encryption wireless wpa2