System Security

Nexus Service Manager is built on the same Microsoft .NET technology used by the largest banks in Australia and can handle millions of transactions per minute. With built-in functionality such as automated daily backups and updates, Nexus Service Manager comes complete with a variety of functions that have been proven to maximize reliability, security and efficiency.

Data integrity and system security are our primary focus, which is why all best practices have been implemented at all levels of our infrastructure. To check the system security, there is a report called Security Audit that shows the status of several important security checks, such as Two Factor Authentication, Domain SPF Record, Secure Connection, Brute Force Protection and Inactive Users.

Datacentre

Our primary servers are hosted in Sydney, Australia (Equinix SY3), and we have servers in Melbourne (Equinix ME1) and Sydney (Equinix SY4).

We use the Equinix datacentres because of their state-of-the-art, world-class facilities, which include:

  1. 24x7 Onsite Security
  2. Raised computer room flooring
  3. UPS with an onsite backup diesel generator
  4. Power delivered from two separate sub-stations
  5. Multiple redundant high capacity tier 1 connections via redundant fibre paths
  6. Fire Protection
  7. Video Surveillance
  8. 24x7 Device Monitoring

Our servers are in cages within the datacentres, which can only be accessed with biometric security.

Hardware

All the servers are enterprise-grade HP servers:

Dual Intel Xeon processors
Dual power supplies
RAID 5 or RAID 10 SAS hard drives

As all servers have dual power supplies and RAID hard drives, there is redundancy built in, so services stay online.

Network

Dual-layered hardware firewalls. Using hardware firewalls rather than software firewalls is essential in preserving the web servers' resources from being consumed by attacks.

All servers are configured with an OS level firewall.

A reverse HTTPS proxy is on the public network while the application server and the database servers are running on a private network. This means only the reverse HTTPS proxy is directly connected to the internet.

Software

Nexus Service Manager has been built with security in mind. The following security measures are on all systems:

Secure Connection
All traffic is over a securely encrypted connection via HTTPS.

Two Factor Authentication
All devices must first log in with Two Factor Authentication using a PIN code, which is sent to the user's registered email address.

Domain SPF Record
The system will validate that the domain name has a valid Sender Policy Framework (SPF) record, to reduce the chance of sent emails being treated as spam.

Brute Force Protection
The system will automatically blacklist IP addresses after 10 failed login attempts.

Inactive Users
User accounts that are enabled but not in use for more than 30 days are monitored, to prevent former employees from having access.

Logging and Auditing
User logins and actions are recorded within access logs and user logs.

User Access Rights
Different user access rights can be assigned to each user to restrict access to sections of the system.

To date, we are pleased to say that no security breach has taken place since the beginning of Nexus Service Manager, dating back to 2008.

Updated: 25 January 2022

Support telephone: 02 9521 4052

Nexus Service Manager is developed by Nexus Digital Technology PTY LTD.