FundVault was built from the ground up as an online document
management and access system, with stringent security built-in to the
application, to the infrastructure and to the processes and systems that
support them.
USER SECURITY FEATURES
| Fund Manager Level Security |
|
The different levels of access/permission given to users
within your organisation will be verified with an authorized person in your
organisation each time there is an addition or change.
|
| Investor Level Security |
|
Permission to access is given on an individual basis within
your investor groups. For example, a large investor group may have some
individuals following their investment in one of your funds, and others
evaluating due diligence information for your latest fund; access may be
tightly tailored to meet exactly these needs.
|
| ID & Password Protection |
|
User IDs and passwords are provided only to authorized users
with fund managers and their investor groups. Data is delivered using 128-bit
encryption, currently the highest level of data security commercially
available. No outside users will be given userid / password access to
FundVault.
|
|
User Access and Password Protection
|
|
The identities of all users are verified before they are given
access to FundVault. Users are only able to access FundVault via their own
personal password. If you make a number of incorrect attempts to log on, we
will disable your access to the service as a security measure. You will however
be able to call to reinstate access, via password reset after our
representatives have verified your identity once again. In normal circumstances
this will happen within a short period of time after the contact with our
representative. Please remember that it's vital you do not share your password
with anybody, because by doing this you will have compromised your own security
and it will be a breach of the terms and conditions of the service
|
| No Unsolicited Documents |
|
FundVault is not a tool for fund managers to distribute
unsolicited marketing materials. Draycott will double-check that a proposed
individual, who is clearly not a current investor with a fund manager, has
agreed to receive documents. This prevents investors from being flooded with
unsolicited marketing documents – and so maintains FundVault’s integrity as a
focused, private document access tool for you and your investors.
|
| Document Level Security |
|
Each document within FundVault has its own individual setting
for access permission by FundVault users. This means that fund managers can
choose exactly who may access each specific document. If a user does not have
access to a document, that user will not even be aware it exists, as it does
not show up in his view. For convenience, FundVault enables fund managers to
give access to groups of documents to users all at once.
|
| Automatic Logout |
|
If after logging on to FundVault you do not use the service
for 15 minutes, you will automatically be logged off. This is to ensure that if
you have left you PC or have forgotten to log off, the opportunity for anyone
else to access your system is reduced. However to eliminate this risk please
always ensure you never leave your PC unattended while logged on.
|
|
|
| Active online surveliance
|
|
Our dedicated staff are constantly monitoring the status and
activity of FundVault to proactively identify potential security threats or
unusual user behavior (such as a user apparently logging in from distant
physical locations within a very short time period). In order to effectively
conduct this surveillance, we may therefore collect data from users regarding
the portions of the site visited and the information or other services obtained
or inputted. This data may also include your domain name, IP address, Internet
service provider, protocol, browser type (including versions and settings),
operating system and connectivity specifications. FundVault staff may contact
you or your firm's administrator if necessary to confirm your activities within
the system if they observe unusual activity.
|
| Other surveillance
|
|
We may also record, store and use any telephone, e-mail or
other electronic communication with you. We use this information to
authenticate users of our service, save passwords, facilitate you navigation of
out site, and determine your entitlements to data and services.
|
| Data security and Redundancy
|
|
All information held within FundVault is stored with 100%
redundancy within secure, dedicated, state-of-the-art hosting facilities. The
facilities incorporate enterprise level intrusion detection and virus
protection software, firewalls, redundant connections and power, and
comprehensive physical security systems. Dedicated technical personnel maintain
the physical running of the systems, including addressing hardware failures and
upgrades on an ongoing basis. Backups are made daily and recovery and restore
processes are in place to recover from unavoidable failures. The sites are held
secure and monitored round the clock, 365 days per year.
|
| Internal Security
|
|
We emphasize to our employees the confidential nature of the
information held within FundVault and the high level of importance we place on
maintaining this confidentiality. All persons who support, maintain, manage or
otherwise have access to the FundVault system have signed confidentiality
agreements that bind them to maintain the strict confidentiality of all aspects
of data held within FundVault, including the content of information itself, the
identity of FundVault's users, access to information by users, and the use and
presentation of information. We have comprehensive processes in place to ensure
that information is kept confidential and that priority is given to supporting
owners of information to maintain their information confidential.
|
| HARDWARE INFRASTRUCTURE SECURITY FEATURES |
|
| Mission-Critical Redundancy |
-
All documents and data are stored on redundant drives, so that
if a drive fails, the system continues to operate on a mirrored drive with no
impact on usage or performance.
-
Multiple data pipes into the server facility provide
redundancy for communications.
-
Back-up power supplies and critical event response systems
provide resiliency to react to irregular events such as power failures.
|
| Back-up and disaster recovery |
|
|
| Data & System Security |
-
FundVault application and documents are running on dedicated
servers that are protected by leading edge enterprise-class firewalls and
intrusion and virus detection software.
-
FundVault is supported by experienced professional technical
staff who are specialised in managing and optimising active mission-critical
applications.
|
|
Access to the site of the data is secured 24/7 via
-
Authorization systems for controlled access.
-
Biometric identification systems.
-
Video surveillance systems.
-
Motion sensors.
-
Alarm systems.
-
Security guards
|
