How safe are your accounts?

Twinfield’s online webservice is extremely well secured. Security is required for the data centre, for data connection and for data storage. The maximum security is therefore necessary through continuous controls, Escrow measures and procedures.

Twinfield has a state of the art data centre in The Netherlands. It conforms to strict American standards and is ISO-certified. The security in the data centre consists of visible and invisible physical measures and other facilities to guarantee an uninterrupted service.

• 24 hour access control
• movement detectors
• earthen banks with fencing and 25m deep weaponed concrete piling
• security cameras and infrared cameras
• digital access control per area
• extensive fire protection

• clustering of web servers and data connections
• power from various suppliers
• data connections from various suppliers
• all components set up with redundancy
• 6 megawatt emergency power and a 100,000 litres reserve of generator fuel
• constant cooling and climate control

When you open the Twinfield login page, your connection is immediately encrypted with 128bit encryption. Since Twinfield is a pure web application, such as Google or internet banking, all communication is exclusively via SSL. Twinfield has special e-commerce accelerators to handle all encrypted communication so that despite the strict security, response times remain swift. A 6 digit code sent by SMS to your mobile can be used to provide an extra layer of security for your password. A new 6 digit code is generated and sent by SMS each time you login. Each code can only be used once.

Your accounts are protected by multiple firewalls from various suppliers. All data traffic is analysed and if the traffic differs from the established pattern, it is immediately blocked. An additional control takes place on XML and SOAP communication (communication used to create real-time connections with other operational systems you might use e.g. CRM, POS, etc)

Files are directly encrypted and data is stored in an individual anonymous database. All your data is copied four times per day to a back-up copy and it is sent to a different data bunker once daily via a secured data line with Blowfish encryption.

Twinfield has a control room where data traffic and system availability are checked round the clock. Several forensic IT specialists are present at all times so that unusual traffic patterns, attempts at hacking and service interruptions can be investigated within minutes. Supporting detection software has been developed with the help of the Technical University of Delft. All employees authorised for access to the control room are screened by the Dutch government. System availability is measured and recorded from New York, San Francisco, Calgary, London, Frankfurt and Hong Kong.

Twinfield has an Escrow agreement. This means that the source code and documentation are deposited with an independent solicitor. The number and size of organisations that currently use Twinfield ensures that the service will be offered in the long term. Should a situation arise whereby Twinfield would no longer be in a position to provide their service, the source code and documentation will be made available to all connected client organisations.

The strongest security measures are only of value if strict agreements enforce the proper use of these measures. Twinfield maintains mandatory procedures which are described in a code of conduct. All employees of Twinfield who work with client data have signed this code of conduct. Monitoring takes place to ensure procedures are followed.

Offering safe web services such as Twinfield, Google or Salesforce.com requires that the strategy, business model and indeed the whole approach of the supplier are fully focused on this specific method of service provision.