I have written about Central Desktop before (see Central Desktop Provides Wiki-based Collaborative Platform and How Obama is Using Web (and Enterprise) 2.0 in the US Primary Campaign). Last week I touched base with CEO, Issac Garcia on what they are doing in the security area. This continues to be a major concern for companies as they consider bringing Web 2.0 applications into the enterprise. Central Desktop targets the small to mid-size market and project teams within large enterprises. As project teams within larger enterprises want to expand Central Desktop usage, security issues are likely to come up. They also serve SMBs in high security areas such as financial services and healthcare.

These rising security issues have prompted Central Desktop to add a number of useful security layers through their new Security Pack as an optional add-on for those who need them. Issac took me on a tour. First, there are a number of administrative security settings around passwords such as minimum length, complexity, and frequency of change. Then there is the offering of trusted email domains to addressHIPPA compliance for healthcare service providers. It allows data to be sent via email. Those not in the domain have to go through a secured password site. The Trusted IP address feature allows for access from only certain systems to prevent accidental access. You can also turn off the “remember me” function for sign in. You can even create custom terms of service and privacy policies to go with Central Desktop usage.

In addition to these new features, Central Desktop takes care with security in general. There is physical security with access to the data center controlled and monitored 24×7 by onsite personnel and camera surveillance. The building is seismically designed to withstand most natural disasters, including an 8.3 magnitude earthquake.

Real-time network, server and application monitoring is also used. Firewall and router technology, SSL Encryption and a Network Intrusion Detection System are used to monitor and proactively block worms, hackers, and other undesirables. Log files are retained and analyzed for proactive monitoring of network activity. All server devices and software are protected by encrypted passwords and accessible only through encrypted communication paths. The application security model prevents customer data cross-over and ensures complete customer data segregation and privacy. Customer data is segmented from the Application layer providing additional security buffers. System-wide backups of all data to tape or disk are performed daily. Onsite and offsite backups of all data are rotated and stored on both live servers and tape

Here is what eWeek said about the Security Pack, Google Apps Rival Takes Its Turn at Security. Central Desktop has also received a major round of funding recently, announcing receipt of $7 million in funding on April 16.