Handling Project and Case Data

Handling Project and Case Data

Files that can potentially contain sensitive information are frequently shared between Northern and our customers; files detailing the execution of a delivery project, logs files provided in troubleshooting activities, etc. This article describes Northern’s practices for handling and protecting these types of files, unless otherwise agreed by Northern and the customer.

SHARED PROJECT DOCUMENTATION

Project documents are stored (by customers and Northern employees) within Northern’s file collaboration platform.

  • The file collaboration platform used is hosted on Northern’s premises, with all relevant physical security.
  • Back-ups of the content of this platform are stored in a secure off-premise location as encrypted zip archives, using AES-256bit encryption.
  • Access to collaborative file shares is restricted, via complex passwords, to the specific customer concerned, and Northern’s Field Engineering and Product Development teams.
  • All traffic to and from these file shares (when not internal within Northern’s network) is transferred via HTTPS, using SSL encryption.
  • Files are retained for as long as they are considered useful, unless otherwise required by the customer.

DATA PROVIDED FOR TROUBLESHOOTING

After receipt by Northern staff, trace files, logs, and configuration files are stored in a file server at Northern’s premises. Files are sent to Northern using Hightail (an OpenText solution), using Northern’s file collaboration platform described above, or using a solution provided by the customer.

  • Customers normally send files to Northern’s Technical Support team using Hightail, a cloud service offered by OpenText.
    • OpenText maintains full compliance with SSAE 16 (ISAE 3402 equivalent) security and confidentially principles (regularly attested by third-party auditors).
    • Files are transferred via HTTPS, using SSL encryption.
    • While awaiting retrieval by Northern staff, files are stored within the transfer solution under AES-256bit encryption.
    • Files are stored in the transfer system for a maximum of fourteen days.
    • Access to files held in the transfer service is restricted, via complex passwords, to Northern’s Field Engineering team.
  • The file server housing this data is located on Northern’s premises, with all relevant physical security.
  • Access to shares on this server is restricted, via complex passwords, to Northern’s Field Engineering, Technical Support, and Product Development teams.
  • Files are retained for as long as they are considered useful, unless otherwise required by the customer.

 

This article does not override or supplement the Privacy Policy, which concerns the use of Northern’s website, nor does it override or supplement any specific data handling agreements that may exist between Northern and a specific customer.