DATA SECURITY INFORMATION

DATA SECURITY INFORMATION

Our Data Centres

Our public cloud servers are located in Amazon Web Services (AWS) Ireland (EU) and Virginia (US). Each data center offers a minimum of 98% availability (guaranteed uptime). The online reporting forms servers are co-located in the cloud with Google Cloud (GC) and Amazon Web Services (AWS). GC data centers are hosted in Iowa (US). AWS data centers are located in Germany, Frankfurt (EU) and Virginia (US).

Data Transfer and Storage

S2B Online uses end-to-end encryption, with 256 bit SSL in transit and AES encryption at rest — the same level of encryption you find with banks. We also support TLS 1.2 for all communication.

SSL (SECURE SOCKETS LAYER) is the security technology for establishing an encrypted link between a web server and a browser. It ensures that all data passed between the web server and browsers remain private and integral.
AES is the global standard of encryption. It’s used to keep classified information safe and is implemented both in software and hardware throughout the world to encrypt sensitive data.
TLS (“TRANSPORT LAYER SECURITY”) is the protocol that allows digital devices to communicate over the internet securely without the transmission being vulnerable.

SSL AES and TLS security

Extra Layer of Security

To provide an extra layer of protection to your data, we go beyond offering bank-grade encryption. There are additional security measures that we can add to your private portal in order to further protect your sensitive data and comply with the industry standards.

• TWO-FACTOR AUTHENTICATION – Users need something they know (i.e. password) and something they have (i.e. smartphone) in order to access their account.

• COMPLEX PASSWORDS – When we set up your users’ accounts, we create their login details, which include username and password for accessing the portal. Our admins create the passwords via a secure password generator and always use a combination of uppercase and lowercase letters and numbers. Your users can later change the password that we first set them up with but, we can add settings that require them to use a combination of letters, numbers and special characters for their password.

• USER-BASED PERMISSIONS – Each user has set permissions, defined by you (the account administrator) or us (we can set the permissions up for you!) enabling the relevant viewing or editor rights. This means you have complete control over which members are able to view, edit, download and delete content up to a granular level.

• AUDIT TRAIL – We can organise and track user activity and generate CSV reports. User activity includes who has viewed, downloaded, created, approved, updated, deleted and logged in to their account. 

• AUTOMATIC ACCOUNT LOCKOUT –When a user tries to log in to their account and has been unsuccessful after 6 password attempts, his/her account will be locked for 1 hour.

• AUTOMATIC LOG-OFF – Users are automatically logged out each time they leave your portal, or they can be automatically logged out of their account every 30 days.

• PASSWORD-PROTECTED PDF REPORTS – Many organisations, such as real estate agencies, legal firms, schools and academies collect sensitive data from their workforce via our Online Reporting forms. This includes home addresses, phone numbers, bank details, credit scores, and national insurance numbers. To avoid this data to get into the wrong hands the PDF reports that we email to you and other stakeholders can be password protected.

Compliance

S2B Online uses Amazon Web Services (AWS) for hosting its data centres, which are ISO 27001, SAS70, PCI certified, HIPAA compliant and comply with US federal government customer requirements by being FISMA and FIPs certified.

1200px-Amazon_Web_Services_Logo.svg

GDPR

Data Processes and Practices to ensure that we are fully compliant with the legal requirements. To further demonstrate that our processing of personal data complies with the GDPR requirements and is in line with the accountability principles, we are ICO CERTIFIED.

More Information...

More information about Data Protection and Security can be found in our Privacy Policy.

Ready to get started? Sign up for a free 1 month trial today!

Ready to get started? Sign up for a free 1 month trial today!