|
We have employed a number of data encryption safeguards and access control policies to prevent the unauthorized dissemination of your sensitive data and are setup to receive, transmit, and store your data in 100% encrypted format so that your data is never left out in the "open". Additionally, we can also digitally "shred" your data when the job is complete, leaving no trace behind. |
|
|
It is a fact; any unsecured data that is transmitted across the Internet can be intercepted by a third-party without your knowledge. It is for this reason that we have implemented SSL (Secure Sockets Layering) that allows for encrypted communication with our website. You can feel safe knowing that when you upload a file using our Secure Upload Form or download a file from our website that the transmission is encrypted and safe from prying eyes. |
|
|
In addition to encrypted transmission with our website, we also accept and deliver encrypted data files. This adds another layer of protection that not only ensures that your data is safe during transmission but also that it is only accessible by authorized individuals when it is received. We currently support the following two types of file encryption but we will be happy to work with you if you have different requirements. |
|
|
We can accept and create ZIP files that are protected by 256-bit AES (Advanced Encryption Standard) encryption. These files are protected by a single password and can be opened with WinZip version 9.0+ or other compatible software. |
|
|
We can also accept and create PGP encrypted files. PGP encryption relies on Public and Private keys to encrypt and decrypt data. In order for you to send us an encrypted file you must first request us to send you our Public Key to encrypt the file with. Likewise, before we can send you an encrypted file you must first send us your Public Key. |
|
|
In addition to encrypting the data transmissions, all confidential data processed and stored on our server is also encrypted. This means access to your data is locked-down and restricted to only the specific employees that are needed to complete your job and is never out in the open. Additionally, our servers are contained in a secure room that is either locked or occupied by a system administrator at all times. This prevents unauthorized physical access to data that is secured and encrypted on our servers. |
|
|
We utilize the AES (Advanced Encryption Standard) encryption algorithm for both our data file encryption and encrypted storage area. AES provides strong encryption and has been selected by NIST as a Federal Information Processing Standard in November 2001 (FIPS-197), and in June 2003 the U.S. Government (NSA) announced that AES is secure enough to protect classified information up to the TOP SECRET level, which is the highest security level and defined as information which would cause "exceptionally grave damage" to national security if disclosed to the public. |
|
|
Controlling users' access to data is the key to any data security policy as one can employ the best data encryption in the world but if the access credentials are guessable or easily obtained then the purpose has been defeated and so has the protection. It is for this reason that we utilize user account controls including strong passwords, password cycling, immediate account deactivation, and account lock-outs. These controls combined with proper employee education nearly eliminate the threat of compromised user accounts being used to gain access to your secure data. |
|
|
|
|
|
|