From Encryption to Resilience
When people think of security, they tend to think of things like encryption and passwords. While those are of paramount importance, security and compliance encompass a much broader scope.
We encrypt all data, whether it is at rest, in transit or even on machines that are turned off. We have tightly controlled access to our server environments and strict role-based authentication.
We have well-tested two-factor authentication (2FA) to go the extra mile for customers.
We've worked with industry-leading companies to assist us in making sure the data is secure.
A solid security system needs data to be encrypted so only authorized parties have access to it.
Data At Rest Encryption
In information technology, data at rest means inactive data that is stored physically in any digital form. Data at rest is subject to attack by hackers and to other malicious threats. The security options used for this type of data are commonly referred to as data at rest protection (DARP).
By encrypting your data at rest, you protect it from being accessed through any means other than the directly controlled entrances. For example, if someone were to gain physical access to your systems, they still wouldn't be able to read your data.
In Use and In Transit Encryption
If encryption at rest is like storing your data in a vault, encryption in transit is like putting it in an armored car for transport. It’s harder to intercept, access, or transform. You have stronger guarantees that whatever you put into the armored vehicle will arrive at its ultimate destination without any tampering along the way.
To guarantee the safety of your data, it needs to be encrypted whenever it travels from one place to another. Typically this is done with HTTPS for websites and key-based encryption for APIs that are communicating with the database.
Two Factor Authentication
2FA is an extra layer of security used to make sure that people trying to gain access to data are who they say they are. First, a user enters their username and password. Then, instead of immediately gaining access, they are required to provide a token.
We use 2FA to make sure that the person using the login credentials is supposed to be using them and is in the right location.
For administrators, that means installing Google Authenticator and providing a token that changes every 30 seconds. For on-site staff, that means getting a token from the site manager when they start a shift.