Security Overview

This document is intended to provide an overview of the Clark Nuber Physical, Logical and Information Security protocols.

Clark Nuber is committed to safeguarding continued operations and the client service standards we have built over the last 60 years. Our goal in securing Clark Nuber facilities, information and employees is to strike the correct balance between operational efficiency, intrusion and theft protection, and cost.

Physical Security

Clark Nuber facilities comprise the 16th and 17th floors of the Skyline Tower in downtown Bellevue. Other facilities of importance are located in Pennsylvania and Liberty Lake Washington.

Physical access control systems include:

  • Building security personnel and systems
  • Secure elevator access
  • Individual employee proximity entrance badges
  • Visitor badge identification system
  • Camera surveillance

Logical Security

Clark Nuber integrates a myriad of complex operations including sophisticated environmental and security controls in order to deliver continuous server and workstation uptime, and a fully redundant, high availability network.

Clark Nuber IT personnel adhere to strict fundamental design criteria including standardized operating procedures during implementation, day-to-day operations and system expansion in order to fully maintain network integrity.

  1. Access Control – Clark Nuber IT personnel follow a series of stringent practices to ensure that access to Clark Nuber network systems is controlled. Standard practices include but are not limited to:
    • Locked permissions on file systems
    • Defined user lists
    • Access control rights attached to specific users and groups
    • Restricted control rights on administrative IDs
    • Restricted permissions on drive partitions
    • Recorded system of server-to-server and user-to-server access requests
  2. Firewalls
- Edge firewall appliances and front-end servers are utilized to isolate private information from the public network. Clark Nuber firewall configurations include rule sets to allow and restrict the following services for both inbound and outbound traffic:
    • HTTP
    • HTTPS
    • FTP
    • SNMP
    • DNS
    • SSH
    • SMTP
  3. Remote Access
- Virtual Private Network hardware is maintained as a platform for employee access. All private access through the public network which is not on a VPN uses a 128 bit secure socket layer transaction protocol.

Information Security

All Clark Nuber employees must adhere to the Clark Nuber Ethics Policy which sets ethical standards for maintaining personal and corporate integrity. The Clark Nuber Ethics Policy describes both privacy of communication and confidentiality of information for all clients conducting business with Clark Nuber.