Our Partners close more business.

Use these powerful resources to win more business, faster, with less effort.  
Call 877-411-2220 x121 for personal support with any opportunity.


How To Use This Tool:  

To find answers to common RFP and RFI questions, select a tag or search for terms like "security", "performance", etc. You will find common questions and answers grouped together in one record. Follow the tag links to refine your search. Supporting downloads and documentation are available below.

© Omegabit LLC, 2023

Network Connections

Q:

Do you have policies in place to monitor and control external/internal network connections?


A:

A customer-specific architecture diagram will be supplied once an application footprint has been elected. The basic configuration places all Liferay stack resources behind a hardened active firewall and a private VLAN segment dedicated for use only by the prescribed Client occupant - a private cloud network segment. Omegabit is happy to accommodate any custom firewall request or configuration required by the client. All services are restricted or off by default except where required for portal operation.




DOS - Denial of service

Q:

Do you have the ability to limit the effects of denial of service attacks? If yes, explain the methodology used.


A:

We operate active firewalls capable of thwarting common DoS attacks and are also able to work with upstream carrier providers on more widespread attacks. We are susceptible to the same limitations as any hosting provider. Clients can mitigate this in some cases by adding additional infrastructure in the form of regional site redundancy, clustering, round-robin DNS, third-party CDN services, and similar strategies. Liferay and Omegabit are expertly equipped to help evaluate and apply these strategies to the custom environment configuration, where adopted.




System and Communication Protection Policy

Q:

Do you have documented system and communications protection policy and procedures?


A:

Yes




Multi-factor Authentication

Q:

Do you provide multi-factor authentication for the following: Network access to privileged account? Network access to non-privileged account? Local access to privileged account? Remote access?


A:

The answer refers to the default configuration of the Client environment, which does support optional 2-factor authentication on request.




Network access - replay resistant

Q:

Do you employ replay-resistant authentication mechanisms for network access to privileged accounts?


A:

Salted and hashed passwords are employed for relevant connection methods, which are session specific.




Device Authentication

Q:

Do you uniquely identify and authenticate devices before establishing a connection?


A:

N/A; trust relationships are typically configured at the application layer and are specific to design and implementation of the customer portal. Digital signatures are typically employed for validation.




Information Security - Data Loss Prevention

Q:

Do you provide Data Loss Prevention (DLP)?

Do you have a data loss prevention (DLP) program?


A:

Active DLP is an optional feature that may be activated on-demand on a per customer basis. Additional fees may apply.

WatchGuard; feature available on special request. Email only? No, it can inspect virtually any layer-7 transmission, including SSL-encrypted transmissions it is configured to proxy. Very advanced real-time detection and updates are included, as well as optional Zero Day threat detection.




Penetration Testing - Outside Vendors

Q:

Do you employ independent assessors or assessment team to conduct system penetration testing?


A:

Externally, through the partner's chosen vendor, at the partner's request.




Mobile device encryption

Q:

Do you employ full-device encryption or container encryption to protect the confidentiality and integrity of the client information on mobile devices?


A:

IPSec, SSL, SSH (256-bit)




Wireless Connections - encryption

Q:

Are wireless connections encrypted using WPA2 or higher?


A:

Any secure communications are further tunneled and wrapped in either IPSec or SSH, depending on the nature of the connection. All Wi-Fi connections, including LAN Wi-Fi, are hardened in the same way as public or unprotected network links.




Personnel & Contractors - Rules and Policies

Q:

Acceptable Use? If yes, are they required to sign/acknowledge the policy?

Code of Conduct / Ethics and conflict-of-interest? If yes, are they required to sign/acknowledge the policy?

Confidentiality Agreement / Non-Disclosure Agreement? If yes, are they required to sign/acknowledge the policy?

Are employees and contractors required to comply with security policies in which non-adherence is subject to disciplinary action, up to and including termination and/or civil or criminal liability?

Have you established rules that govern users (employees and contractors) on the expected behavior with regards to information and information system usage?

Do you have established usage restrictions and implementation guidance for wireless access?


A:

Yes.

Yes.

Yes.

Yes.

Generally speaking, any externalized service is specifically contracted to match or exceed the terms and conditions of any relevant Client project or activity and parties are required to agree to complementary terms of engagement that are commensurate with Client and SLA requirements.

Yes

 




Account suspended

Q:

Do you automatically suspend accounts after a maximum number of unsuccessful attempts? If so, what is that limit?

Do you require an administrator to unlock suspended accounts?


A:

This is a configurable setting in Liferay. This is an available option for Clients upon special request pertaining to Client hosted infrastructure.




Network Access - user acknowledgement

Q:

Do you display and require user acknowledgement to system/network usage warning/banner before granting further access?


A:

Per Client requirements.




System Session - Timeout

Q:

Does your system session lock after a period of inactivity? If yes, please specify timeout period.


A:

This is a configurable setting in Liferay and other layers of infrastructure connectivity and is adjustable per Client requirements.




Remote Network Access

Q:

Do you permit non-VPN remote access to internal network? If yes, what remote access methods are permitted and how is it secured?

Does remote network access to privileged commands and security-relevant information for operational needs require documented rationale and system owner authorization?

Do you route all remote accesses through a limited number of managed access points?


A:

SSH is allowed by default and can be optionally disabled.

By design, secure remote access control and administration is allowed for authorized clients only. Firewall restrictions to further limit access are supported and the use of private BOVPN and SSH tunnel links is highly encouraged and exercised by Omegabit administration personnel.

Configurable per Client requirements.



Showing 46 - 60 of 128 results.