EnergySolve Security Statement

 

EnergySolve is highly committed to maintaining the highest level of security for our clients’ data.

In order to ensure your data’s security, we have incorporated a multi-layered process.

 

The first layer is Identity Security. When you reach the UBAR system you are prompted for a username and password to gain access. The login information is checked against an encrypted database, and access is granted only to the data authorized by the client for that particular user.

All login attempts are logged and reviewed on a regular basis to ensure that the account has not been compromised.

 

The second layer is Encryption Security. The UBAR server uses state-of-the-art encryption techniques for all data transmitted to and from clients. This includes the transmission of usernames and passwords, and all subsequent data.

Many browsers today offer both 40-bit and 128-bit versions of SSL (Secure Sockets Layer). 128-bit encryption provides a higher security level than 40-bit encryption by a factor of more than 300 x 10^24.

The UBAR site requires 128-bit SSL encryption.

An icon, such as a lock or key, will be displayed in the corner of your browser’s window to let you know that your browser’s encryption is active. Clicking the icon will usually display the site certificate:

 

 

The certificate and issuer information helps to verify that the site you are at is in fact the UBAR site, and the encryption is active.

A further validity check can be made by clicking on the VeriSign Logo present at our login page.

 

 

The logo can only be displayed on sites with valid VeriSign certificates that match certain criteria as specified by VeriSign.

 

The third layer is Database Security. EnergySolve uses a tiered and layered access method to ensure that the database cannot be compromised. The database server is several layers away from the Internet to protect it from hackers. The first line of protection is a state-of-the-art firewall. Only the ports necessary for the website to function are opened on the firewall. This prevents worms and trojans from compromising systems behind the firewall. The second line of defense is a Gateway Server. This server uses a custom method to route traffic based on protocol and content. The Gateway Server will deflect any non-browser requests to another server outside of our systems. All browser requests for the unsecured site are sent to our standard web server. All browser requests to our secured site are routed to the secured web server.

Only the secured web server can connect directly to the database to retrieve data. This is done through COM objects to again ensure that the information requested does not exceed the parameters predefined by the user login.

 

We ask our users to assist us by following some standard security procedures as well.

  1. Never reveal your username or password to anyone. EnergySolve will never call or send an email asking for this information.
  2. Change your password frequently, and use a password that is not readily associated with you. Try to avoid the following:
    1. Specific dates such as a birth date, anniversary, etc.
    2. Specific names such as a child’s name, pet’s name, etc.
    3. Simplistic combinations such as “abc123”.
  3. Always log off the system before leaving your computer or visiting another website.