Security

CDT maintains an extensive security program that includes physical facility access control 24 hours per day, 7 days per week as well as event management and audit, intrusion protection, virus protection, vulnerability scanning, and numerous other deterrent and detection methods.

To provide assurance of its commitment to security, CDT periodically engages information technology security-certified consultants to conduct third party vulnerability assessments, security testing, and compliance to industry standards. This process assures the security procedures and practices used by CDT protect systems from potentially malicious activities. Additionally, this effort tests CDT intrusion detection processes in order to identify opportunities to further reinforce their effectiveness.

To obtain additional information about the CDT security, please contact your Account Lead to schedule a confidential discussion.

This offering is classified as a Current Service.

CDT bills for consulting services when those services exceed the workload in the rates approved. For more information see Consulting Services.

The CDT Security Management Division offers security consulting services in the following areas:

  • Security Architecture Review
  • Specialized audit support services for data center resident applications (for upstream compliance authority audits, e.g. IRS, SSA, HIPAA, PCI)
  • Custom server vulnerability scanning services (of data center resident systems)

CDT performs various infrastructure vulnerability and protection tasks to ensure that systems housed at the data centers are as safe and secure from unauthorized access attempts as possible. CDT believes that securing the infrastructure is just as important as securing the network. This provides a secure foundation on which customer applications may run. For the protection of CDT and its customers, the particulars of the CDT security program are withheld. To obtain information about the CDT security, please contact your Account Lead to schedule a confidential discussion.

The items listed below include but are not limited to the methods in which CDT secures its infrastructure assets:

  • Patching – In a proactive effort to mitigate the risk of attack on hosted project, CDT follows a regular schedule for patching its systems. Depending on the system hardware, application, and project requirements, patching frequency will fall under timeframes dependent upon the customer and/or CDT requirements. CDT customers will agree upon pre-determined timeframes for which the system can be placed off-line for the patching process to commence if necessary.
  • Risk Auditing & Reporting – CDT performs regularly scheduled risk assessments on its network to assess security-related risks from internal and external threats to its information assets. These assessments do not interrupt day-to-day operations to its customers. Reports of these risk assessments can be shared with CDT customers if the audit reports a risk on said customer’s system.
  • Vulnerability Scanning – CDT follows a vulnerability management plan which enables proactive detection and remediation of security vulnerabilities. This is accomplished by employing tools and processes capable of detection and determining various types of vulnerabilities associated with a potential attack or compromise. CDT manages processes that actively identify vulnerabilities, determine the risk the vulnerability poses and ensures the vulnerability cannot be exploited to harm its customers.
  • Intrusion Protection – CDT employs Intrusion Protection at the Internet border, at the data center borders, and at critical other points in the infrastructure. This provides significant protections against both incoming and outgoing communications that may be of a malicious nature.
  • Network Segmentation – CDT also employs a strongly tiered and segmented network architecture that isolates functions that are allowed to communicate with each other. CDT employs a strong policy based and change controlled process to determine what communications are allowed to occur within the CDT infrastructure.

For additional information regarding specific service security measures, refer to the links below:

CDT bills for consulting services when those services exceed the workload in the rates approved.

The CDT Security Management Division offers security consulting services in the following areas:

  • Security Architecture Review
  • Specialized audit support services for data center resident applications (for upstream compliance authority audits, e.g. IRS, SSA, HIPAA, PCI)
  • Custom server vulnerability scanning services (of data center resident systems)

Subscriptions to this service are available and can be referenced in the CDT Rate Schedule.

Service CodeService DescriptionUnit of MeasurementRateGroupComment(s)
G3xx-C2Level 2 Consulting* (DPM III, DPM II, SSS III, SSS II and Sr. ISA)Hour$130.00Consulting

To request Security Consulting Services, complete a Remedy service request:  Order Service Now

Contact your Account Lead for any questions regarding Security Consulting Services.