Taking Data Security and Availability Seriously

It’s no secret that data security and platform availability has been top of mind for real estate teams recently, and for good reason – it’s critical. And it’s a top priority for us at Sierra Interactive. We rigorously maintain a high standard of data management and security best practices. Our best practices for data include meticulous data integrity and recovery protocols that ensure our customer data is safe and recoverable. Our best practices for security include regular evaluation of our end-to-end risk, assessment of potential threats and informed decision-making to better protect our business-critical applications.

Our security strategy focuses on several key areas:

• Ensuring customer data is protected and frequently backed up.
• Ensuring customer data can be restored quickly and with minimal data loss in the event of a data incident.
• Integrating security into the product lifecycle from development to production.
• Securing our infrastructure and applications via Development Security Operations Best Practices and strategic partnerships.
• Driving security awareness and individual responsibility into our culture.

This is how we do it:

• Customer data is backed up two times per day, database transaction logs are backed up in real time, backups are stored in geo-redundant storage, and all backups are retained for 14 days. These steps ensure that in the event of a data incident we can minimize any potential data loss and maximize our speed in getting systems back online.
• We promote a cohesive, organization-wide security culture with regular employee security education and training, including:
  • Monthly phishing awareness and assessment activities,
  • Quarterly employee training on security topics.
  • A comprehensive set of security policies and procedures.

• We follow general security best practices when storing and transmitting customer data.
  • As a Microsoft Azure-based company, we benefit from security tools such as a Web Application Firewall (WAF), a security tool that monitors, filters, and blocks HTTP traffic to and from a website or web application.
  • We also benefit from the expertise of a global service provider on the front lines of information security.
  • We intentionally select partners who support our security objectives and who also take their portion of the shared responsibility model seriously.

• We use Cloudflare’s industry-leading edge services, including Web Application Firewall (WAF), DDoS attack detection and mitigation, bot detection and controls, and tooling for individual customer site and CRM protection.
• We scan our applications weekly for vulnerabilities and are monitored by Microsoft Azure’s suite of security tools.
• We leverage a risk register and regularly focus on evaluating new risks as well as following up on the status of known risks. 
  • Risk remediation is tracked in our engineering project management software.

• We strive to follow Microsoft and Azure data security best practices in planning, implementation and operations. 

The security and availability of our applications is mission critical, and we’re committed to ensuring we follow industry-leading best practices. For additional questions about this information, please reach out to support@sierrainteractive.com.