Physical Security
FAQs regarding SES physical security.
- What are physical controls in place where AHFC data will be stored?
All physical systems are in cloud data centers, specifically AWS East and AWS GovCloud East.
- Do the application audit logs capture activity performed by privileged accounts,
security events and exceptions?
Yes, the application audit logs capture all activity performed by accounts, security events and exceptions, whether privileged or not.
- Are audit logs retained in accordance with the company’s record retention
schedule?
Yes. System audit logs are retained for two years (730 days) from creation. Security alerts are retained for 7 years (2,555 days).
- Are logging and monitoring methods employed in accordance with company
requirements?
Yes, all SES logs are sent to Splunk as a log server and SIEM.
- Are audit logs for the application protected from unauthorized access,
modification, and destruction?
Yes, logs are restricted to either the system administrator on the source system, or the InfoSec monitoring team for the central log source (Splunk).