Winmill hosts eMembership in our high-availability data center. We focus on the hardware, software, operating systems, security patches, system monitoring, bandwidth, backups… while you focus on your core business.
We host hundreds of applications for clients ranging from small local unions to massive commercial banks. Our data center maintains SOC 1 (SSAE18/ ISAE3402), SOC 2, HIPAA, and PCI DSS compliance. It is fully audited, highly redundant and vigorously secured.
Because eMembership is internet based, authorized users can access it anytime, from anywhere. We make sure that it is running 24/7. Access it from the office, home, airport or hotel room. Job stewards can access it from a job site using an iPad or mobile phone. Your data at your fingertips, whenever you need it.
Welcome to a world where you’ll no longer worry if your server is secure, or if your backup ran last night. Welcome to the cloud. Welcome to eMembership.
Winmill provides all managed services necessary to ensure that eMembership servers remain operational and highly available. Recovery from hardware failures, environmental control failures, and application server failures is included at no additional charge.
Winmill utilizes state-of-the-art clustered firewalls as the first line of defense against Internet-based attacks. The clustered configuration provides a high level of up-time and resiliency to failure. If one firewall fails in a cluster, the other firewall automatically takes over in less than 3 seconds.
Our infrastructure is designed to be highly secure, and is managed by our team of certified security engineers. Besides using high-end firewalls, we constantly monitor web traffic, database activity and application activity to proactively prevent unauthorized access. We build security into every level of the application architecture.
Our data center maintains SOC 1 (SSAE18/ ISAE3402), SOC 2, HIPAA, and PCI DSS compliance.
We perform application vulnerability scans on our eMembership system (both dynamic and static code scanning), as well as code reviews. Our cyber security and data center department is overseen by a CISSP and CISA certified Director who works very closely with our software development department; these departments have collectively constructed a secure coding methodology and Secure DevOps infrastructure that ensures security is built into our applications from the ground up. All data is encrypted in transit, and any PII data (including SSN) is encrypted at rest. Although we process credit cards, we use third party processors such as authorize.net or EPN to do so; we do not store credit card numbers in our systems.