CenterPoint® Accounting - Red Wing® Cloud Services Security

Related Help

View or Print a PDF

Red Wing Software offers the ability to run CenterPoint and store CenterPoint databases in the cloud. This opens the question of security, as users realize that the information being accessed and stored in the cloud is sensitive in nature. Security is, however, a multi-faceted topic that includes passwords, data protection, environment support, backups and restores, and nightly scheduled maintenance.

General Web Security

  • SSL Protocol– SSL Protocol– Access to the Red Wing Cloud Services website forces an HTTPS secure connection between the client (browser instance) and the web server. This protocol creates an encrypted key relationship with the client, encrypting the stream of information versus plain text. All communication is encrypted with 2048 bit encryption, including upload and download of files and keyboard inputs. Any attempts to access this portal using HTTP without SSL will be redirected to use HTTPS.

Passwords

  • When Red Wing Cloud Services are accessed from a web browser at https://centerpoint.redwingcloud.com, you will be required to enter a user@company (login) and password given to you by Red Wing Software. Upon first login, users will be required to reset their password and validate their account using multi-factor authentication.

Note: this is NOT the CenterPoint database login and password.

  • Red Wing Cloud Services passwords expire every 180 days.
    • Password must be a minimum of 10 characters.
    • Passwords must not contain the owners name.
    • Passwords must contain at least one character from three of the four categories below:
      • Upper case letters
      • Lower case letters
      • Numbers
      • Non-alphanumeric characters: ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/
  • CenterPoint database security is recommended as an additional security level for databases when using Red Wing Cloud Services.

Note: logging into the cloud and logging into your databases requires two separate login credentials. 

Multi-Factor Authentication (MFA)

The Red Wing Cloud Services require MFA. MFA requires users to validate the login credentials through a challenge/response that sends a 6-digit code via email, which is then entered to verify the account. The MFA will take place via the email address you have tied to your Red Wing Cloud Services account. Users are required to authenticate their Red Wing Cloud Services account initially and the first time they log in each month at each unique location .

Data Protection

  • Red Wing Software is partnering with a nationally known hosting provider. The software is hosted on a private cloud environment built and maintained cooperatively by the hosting provider and Red Wing Software. While Microsoft RDP is used to access the software, all access is routed through redundant network and firewall infrastructure through RD Gateway servers that encrypt all traffic at a level above and beyond normal RDP encryption to enhance security. These RD Gateway servers also perform pre-connection authentication of all incoming requests against the Red Wing Software environment's Active Directory infrastructure.
  • Each customer has its own separate SQL instance. Each instance is accessible only by users from that company.
  • A limited number of Red Wing Software Technical Support representatives have access to the hosted environment.
  • The Red Wing Cloud Services environment lies behind multiple firewalls.
  • Data deletion policies and procedures are in place.
  • Data recovery plan exists.
  • SAS70 protocols and procedures are used.

Environment Support

Data Center

  • 24 hour authorized access only.
  • Monitored 24/7/365 (video surveillance and security guard).
  • Biometric scanning, badge/mantrap entry.

Power

  • Multiple facility-based UPS systems.
  • N+l facility-based UPS system.
  • Power back-up generators (tested monthly).

Environment

  • HVAC cooling system.
  • Temperature and humidity alarms.

Disaster Recovery Backup and Restore

All data is handled by Red Wing Software's hosted partner's employees only.

Backups
  • Backups are performed on a nightly basis.

Note: you can back up your data at any time from within CenterPoint.

  • Two full weeks of backups are saved.
  • Backup tapes are brought off site daily and kept in a fire safe.

Restores

  • A typical restore can be accomplished within 24-72 hours from the time of a request.
  • A cost is associated with this service.

Note: You can restore any data backups, that you have taken, at any time from within CenterPoint.

Nightly Scheduled Maintenance

  • The standard maintenance window is from 11:00 pm to 1:00 am Central Time.
  • It is recommended that users do not log in during this time window. You may have limited access and experience interruption in service.
  • Extended maintenance may be necessary on occasion and Red Wing Software will communicate the nature and length of the maintenance.
  • The Environment is rebooted on Tuesdays and Fridays during the maintenance period.

Document: 3294