Due to the nature of our business, we take our clients data protection very seriously and have implemented many levels of security features throughout our system during the sign-up, ordering and viewing process.
The system automatically reviews passwords as clients, researchers and administrator log onto the system. If the password doesn’t meet the “strong password” standard, the user will be taken to a page to update the password. The system also has an auto timed logout feature.
We monitor all Client Account Registrations and record the IP ADDRESSESS for Security purposes. Our system monitors all credit card transactions for fraud. Credit Card fraud will be investigated and prosecuted to the fullest extent of US and International law by our legal team.
System Security Summary
The system utilizes a 128-bit SSL certificate which is the industry standard level of encryption for communication. In addition, the system is password protected and gives each user their own account name and password. For each order that is placed, we store the IP address which the order originates from. The login activity and IP address is also logged with each login attempt and success.
Sensitive Information such as DOB's and SSN's are obscured on all reports that are accessible via the Internet and also when in delivery transit (email & fax).
The network is protected by an enterprise level firewall system, and the OS is audited weekly to make sure the latest security patches are installed on the system. The database server is password secured on the OS level and then on the database application level. Additionally, the systems are located at a dedicated co-location facility that has electronic and physical security 24/7/365.
Here are some additional details about the infrastructure:
128/256 bit encryption
IP tracking for logins
Login history tracking
IP tracking for orders
Obscuring of Personal Identifiers
Enterprise Firewall Protection
Enterprise AntiVirus Software
Weekly OS security patches
Tri level password protection at the application, database, and OS levels
24/7/365 Electronic and physical security
We do data backups every 30 minutes on a continuous basis.The data is transferred to a separate backup server so the active data and backups are in physically different locations. In regards to disaster recovery, our servers are located in a state-of-the-art facility with a 24-7 physical presence and automated monitoring to minimize any disaster events.
We also have multiple database and application servers which client systems can be operated from, so in the case of a failure, we are able to bring client systems online from different servers which are already configured and waiting to be utilized.
The following site has been issued a QuickSSL™ certificate to enable server security:
|Validity Period:||7-Jun-2009 to 8-Aug-2011|
In today's world, for better or worse, security issues are at the forefront of our thoughts. GeoTrust QuickSSL is just one solution from GeoTrust that should give online consumers and businesses peace of mind. Sites secured by GeoTrust SSL certificates are providing up to 256 bit encryption thereby offering the highest level of encryption and security possible. This means you can rest assured that communications between your browser and this site's web servers are private and secure.
We are Safe Harbor Certified:
Certified organizations have notified the Department of Commerce that they adhere to the safe harbor framework developed by the Department of Commerce in coordination with the European Commission. The safe harbor provides guidance for U.S. organizations on how to provide "adequate protection" for personal data from Europe as required by the European Union's Directive on Data Protection.
OFFICE COMPUTER SECURITY
All office computers are further secured by RAPPORT which creates a secure communication channel between our office computers web browser and the InfoCheckUSA Server screening system. Rapport implements a completely new approach to protecting customers and employees. By locking down customer browsers and creating a tunnel for safe communication with the online website, Rapport prevents Man-in-the-Browser malware and Man-in-the-Middle attacks. Rapport also prevents phishing via website authentication to ensure that account credentials are passed to genuine sources only.
- Blocks Zeus, Torpig, Silent Banker and other Man-in-the-Browser attacks
- Blocks Keyloggers and screen grabbing
- Blocks Man-in-the Middle attacks
- Blocks Phishing attacks
- Works on both Windows and Mac
- Protects immediately upon install
- Complements other security software
- Transparent to customers and employees unless a threat is detected
- Delivers advanced reporting on current and new threats including zero-day attacks
- Comes with pre-packaged marketing tools and materials
- 24x7 support option