Security Policy

Welcome to the MFG.com, Inc. and subsidiaries Websites including MFG.com, SourcingParts.com, MFGx.com, MFGTextiles.com and MFGQuote.com, collectively the "MFG.com" Websites. MFG.com provides access to its Websites to the public and members and has put in place the Security Policies noted below. By accessing, viewing, posting, using or downloading materials from these Websites, you agree to be bound by these Security Policies. If you do not agree with these Security Policies do not use these Websites.

Where MFG.com has provided you with a translation of the English language version of the Security Policy, then you agree that the translation is provided for your convenience only and that the English language versions of the Security Policy will govern your relationship with MFG.com. If there is any contradiction between what the English language version of the Security Policy says and what a translation says, then the English language version shall take precedence.

Security Measures

We know that security is crucial to you and we consider security to be a top priority. We devote significant resources to continually optimize our security infrastructure and this includes continuous monitoring and improvement.

Among other security measures, MFG.com provides:

Experienced, professional engineers and security specialists dedicated to round-the-clock data and systems protection.
Continuous deployment of proven, up-to-date security technologies, including proprietary products developed for MFG.com.
Ongoing evaluation of emerging security developments and threats.
Complete redundancy throughout the entire MFG.com online infrastructure.
Client Auditing (Notably in the sectors of Aero-Defense).

Physical Security

Our production equipment is collocated in Geneva, Switzerland and Atlanta, USA at facilities that provide 24-hour physical security, redundant electrical generators, redundant data center air conditioners, and other backup equipment designed to keep servers continually up and running.

Perimeter Defense

The network perimeter is protected by multiple firewalls and monitored by intrusion detection systems Ñ all sourced from industry-leading security vendors. In addition, MFG.com monitors and analyzes firewall logs to proactively identify security threats.

Data Encryption

MFG.com leverages the strongest encryption products to protect customer data and communications, including 128-bit SSL Certification and 1024-bit RSA public keys. The lock icon in the browser indicates that data is fully shielded from access while in transit.

User Authentication

Users access MFG.com only with a valid username and password combination, which is encrypted via SSL while in transmission. An encrypted session ID cookie is used to uniquely identify each user. For added security, the session key is automatically scrambled and re-established in the background at regular intervals. MFG.com website username and passwords are to be kept confidential. You may not disclose or share your username or password with any third parties.

Application Security

Our robust application security model prevents one MFG.com customer from accessing another's data. This security model is reapplied with every request and enforced for the entire duration of a user session.

Internal Systems Security

Inside of the perimeter firewalls, the systems are safeguarded by network address translation, port redirection and more. The specific details of these features are proprietary.

Operating System Security

MFG.com enforces tight operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords, and production servers do not share a master password.

Database Security

Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is restricted to a limited number of points, and production databases do not share a master password database.

Third Party Caching Service

MFG.com Websites utilize a "best of breed" third party caching service to ensure faster load and response times of MFG.com web pages as well as accelerated route optimization to ensure data is served up to users in the most efficient manner possible. No proprietary user data is stored on these third party servers in the form of cached data. The elimination of the number of hops in accessing data as well as the third party vendors stringent security methods provide additional security and integrity to the MFG.com Websites.

Server Management Security

All data entered into the MFG.com sourcing application by a customer is owned by that customer. MFG.com employees do not have direct access to the MFG.com production equipment, except where necessary for system management, maintenance, monitoring, and backups. MFG.com does not utilize any managed service providers. The MFG.com systems engineering team provides all system management, maintenance, monitoring, and backups.

Reliability and Backup

All networking components, SSL accelerators, load balancers, Web servers, and application servers are configured in a redundant configuration. All customer data is stored on a database served by a database server cluster for redundancy. All customer data is stored on carrier-class disk storage using RAID disks and multiple data paths. All customer data, up to the last committed transaction, is automatically backed up to a primary tape library on a nightly basis. Backup tapes are moved to secure, fire-resistant, off-site storage on a regular basis.

Security

Our site has security measures in place to protect the loss, misuse and alteration of the information under the control of MFG.com. We use username and password protection for users. We have a password retrieval process for users who prove they are authorized to obtain their password, via their valid email account. Transactions involving financial data are only processed using secure server technology. All data is stored on Web and database servers that are secured from physical public access. Any use of a robot, bot, spider, or other automatic or manual device or process to monitor, copy, scrape, or otherwise unlawfully access any pages on the MFG.com websites will be prosecuted to the full extent under the law.

This Security Policy was last Updated October 15, 2009.

clear

Careers at MFG.com | Terms and Conditions | Security Policy | Privacy Policy

With MFG.com sourcing professionals and engineers can evaluate supplier profiles from suppliers located around the world, effortlessly request and evaluate quotes from those suppliers who meet their criteria. Machine shops, molders, fabricators, extruders, metal casters, contract manufacturers, and hundreds of other manufacturers find work on MFG.com every day.