The Navigator System is cloud based. This means that data is potentially exposed to the internet and is at risk of either being stolen or held to ransom.
This document gives details of how Navigator mitigates these risks, seeks to protect our customers' data, and maintains access to the system in the case of ultimate disaster.
It should be noted that technical details, the names of the partners we use to run and secure our data, and the detail behind some of our policies are considered Company Confidential and form part of our Cyber Security process.
The Navigator system consists of a database which is hosted in the "Navigator" datacentre with access given to the Navigator Windows-based client running on user PCs, mobile apps which use this data, web services that need to use this,
The Navigator datacentre is run by a third party who run a level 4 Datacentre in the UK. Physical access is via two factor password codes and passwords along with a security code to get access to the Navigator racks. The whole datacentre is run to ISO27001 standards.
The Navigator solution is not a single large-scale database, but a series of separate databases within our datacentre. This is done for performance and also for data separation reasons. The data is encrypted at rest and also in transit using industry standards.
The servers containing the data are not directly connected to the internet for inbound services (though they have outgoing access marshaled through our firewalls to access patches, send data out to third parties etc).
Database access is via a series of Communications Servers which have access to the internet for data access via secure HTTPS calls, allowing only the latest accepted versions of TLS - the industry standard protocol for encrypting and securing data. This ensures that all data crosses the internet in encrypted form. We do, however, support some legacy web services (for reporting, and never containing customer information) which are unencrypted.
All calls to the datacentre are verified via API keys generated at user login for user-based access, or generic API keys for web services and app access where a user is not validated.
Navigator uses a third party web proxy for all our web services - this is supplied by Cloudflare and enables us to hide the actual internet location of the datacentre. This also helps mitigate against common attacks such as Denial of Service.
There is no persistent data stored on the user's PC by the application. It should be noted that the software does allow export of data to text files and spreadsheet format, and the responsibility for the security of these is passed on to our end users.
Every customer database is individually backed up every evening. Backups are generated in encrypted form and stored securely in an online cloud database outside of the datacentre but in the UK. This is supplied by a third party provider who we verify for maintenance of ISO27001 and other data security standards.
Navigator has the ability to store associated data - such as images and documents. These are not stored in our datacentre but are stored in the cloud database. They are encrypted by the third party cloud provider but are not doubly encrypted in the same way as the backups.
Backups are kept for 7 days, with the addition of end of month backups kept for 12 months.
Our Cyber Security processes - in case of hacking - are documented and contain processes for reducing initial harm (essentially switching access to the datacentre off), investigation and restoration. We utilise a third party contracted service of Cyber Security Experts who are available with a fast SLA to assist in this.
In case of ultimate disaster, the recovery process involves our third party data centre partner rebuilding our datacentre infrastructure from scratch and our team reloading data from the last serviceable backups.
This process could take several days should the datacentre be completely destroyed either physically or by a cyber attack.
Only Navigator support staff have access to the datacentre via VPN, secure software which uses our web services and screen sharing tools. All are secured by our Single Sign On login security supplied via Microsoft Azure. We have policies for adding and removing users as part of our onboarding and exit processes, as well as regular audits of access to ensure that staff have the minimum access required to do their job.
Further questions relating to any of the above should be directed to your Customer Success Manager.