InsuredMine CRM | Optimize and Grow Your Insurance Agency

How we keep your data secure?

In this article, you will learn:

We know how important your personal information is, which is why we employ some of the most advanced technology for Internet security available today. When you access our site through HTTPS, sensitive information you send such as passwords, are encrypted using the industry standard TLS (Transport Layer Security) protocol, commonly called SSL (Secure Sockets Layer), ensuring your data is safe, secure and available only to authorized users in your organization. We also provide each user with a unique username and password that must be entered each time a user logs on. The password is hashed with PBKDF2 and the login information can be used to reliably track which user account triggered the action within the software. All customer data is stored with Amazon RDS Encryption, which ensures that everything is encrypted at rest, including the underlying storage for the database, as well as any backups or replicas of the data. In addition, we store customer data in a secure server environment utilizing Amazon Web Services or AWS.  AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Here are some answers to frequently asked questions regarding security:

1. What are your Security policies and procedures for the accessing the physical location of your data/server center?

All servers are running in  Amazon Web Services (AWS).  AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means.  Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

2. Are external connections to your website secured?

All traffic goes through a secure Hypertext Transfer Protocol over SSL or HTTPS connection. When you access our site through HTTPS, sensitive information you send such as passwords and bank account numbers are encrypted using the industry standard TLS (Transport Layer Security) protocol, commonly called SSL (Secure Sockets Layer), ensuring your data is safe, secure and available only to authorized users in your organization.

3. What Security (encryption) protocols are in place to protect the access to the application, data and network?

We encrypt all passwords, traffic, and all personally identifiable information (PII) we store with industry standard practices. Specifically, we encrypt all passwords with PBKDF2. HTTPS traffic is encrypted with TLS with a 2048-bit certificate that is signed with SHA-256.  The entire database is also encrypted at rest, which prevents any data from being directly read from the underlying storage of the database or from the database backups, without the proper encryption keys.

Related Articles

Would you recommend this article?

Related Categories

Contact Us

Looking for more information or want to try one of our paid plans?

EMAIL

PHONE

OUR LOCATION

Search
Generic filters

Most Search: Ams360Release Notes