OpenMarkets understands the importance and critical nature of operating a secure infrastructure. We are in the business of fostering positive relationships between provider and supplier organizations, and we understand our success is built on a foundation of trust. We strive to ensure that user data is kept securely, and that we collect only as much data as is required to provide our services to users in an efficient and effective manner. The statements within this document provide a deeper review of the OpenMarkets approach.
To this end, OpenMarkets applies a tiered approach to securing it’s platform:
Our infrastructure provides DDoS mitigation techniques including TCP Syn cookies and connection rate limiting in addition to maintaining multiple backbone connections and internal bandwidth capacity that exceeds the Internet carrier supplied bandwidth. We work closely with our providers to quickly respond to events and enable advanced DDoS mitigation controls when needed.
Managed firewalls prevent IP, MAC, and ARP spoofing on the network and between virtual hosts to ensure spoofing is not possible. Packet sniffing is prevented by infrastructure including the hypervisor which will not deliver traffic to an interface which it is not addressed to. OpenMarkets utilizes application isolation, operating system restrictions, and encrypted connections to further ensure risk is mitigated at all levels.
Port scanning is prohibited and every reported instance is investigated by our infrastructure provider. When port scans are detected, they are stopped and access is blocked.