When you decide to use our services, we feel greatly honored for being trusted with the financial data and other sensitive information about your clients and company. We understand that this honor demands a very committed response to protect the most valuable assets of your business.
To ensure we protect your sensitive information, we would like to highlight some key aspects of our security measures to pragmatically demonstrate how we address your security concerns.
You Retain the Controls
We have implemented a security module that takes care of your financial data without creating any restrictions in terms of access rights to control and manage your data. No one can access your data unless you authorize by setting the level of user permissions.
When you wish to remove any company or restrict their access, you can easily delete the company from within PrognoStore and prevent them from accessing your services. Our servers keep the off-site backup of your business data for a specific time period, and then the data is purged from our servers. In case you delete a company that was entitled to cloud based access, we ensure that their access token is deleted so that no unauthorized access can take place through the API of providers.
Security is ongoing
We understand that physical, electronic and procedural safeguards are something that should be continually reinforced in response to the changed circumstances of the dynamic environment. This is the reason why our security approach integrates an ongoing process of internal documentation and review of our security measures.
Availability is important
When you use our services, you can actually access your valuable data at any time. Our facility is fully prepared to recover from unforeseen disasters within the shortest time frame. In order to run our services from a secondary facility, your data is backed up using 256-bit AES encryption and moved to our off-site location. In case, our primary data center fails due to exceptional or unforeseen disasters, we can quickly recover to restore services from our secondary facility.
Hosting & Physical Security
Our services are hosted on highly scalable cloud computing platforms that integrate privacy and end-to-end security at hardware levels. However, we take additional measures to incorporate a rock-solid security into our infrastructure and application environment.
In order to eliminate professional bias, we regularly hire independent security experts and keep pace with the cutting-edge technologies in the security industry. Unauthorized accesses to our servers are protected by biometric systems, round- the clock security and other enterprise-grade hosting facilities.
SSL or Secure Sockets Layer protocols are based on the most sophisticated encryption technology that has become industry standard in securing communications over the Internet. We use 128-bit SSL encryption (comparable to most banks and financial institutions) to ensure that your sensitive data is never compromised.
In order to ensure that no one gets access to your confidential information than what is required to provide services, we have implemented multiple levels of access permissions. You can remove individual users from your account or grant specific permission at any time. You can also grant permission to our staff members to receive help and support related to your account management.
In order to eliminate the chances of unauthorized access, passwords are always stored within our system. Our system ensures that all users select strong passwords and in case wrong passwords are entered, account access is automatically locked. Your account is also locked when it remains inactive for a specified time period.
We use multiple layers of enterprise-grade firewalls, routers and intrusion protection systems to ensure that no one can access your data by breaching our security. Obviously, we use dedicated firewalls and security systems that are configured, monitored and updated as per international guidelines.
Data protection & backup
Your sensitive data and information are stored online and backed up on several servers to eliminate the risk of losing it when your laptop is lost, stolen or subject to unauthorized access. The rock-solid security measures at these servers ensure that your sensitive information is never compromised.
We also backup your data at every six hours or so and keep its encrypted copy at several geographic locations to ensure quick recovery of your business after unforeseen disasters. Logical separation rules are implemented, and company-specific data are separated as per access permission and rules to ensure that your permission levels are always respected after any such recovery.
Third party audits and inspections
As already mentioned, we regularly engage professional security experts to evaluate our security strength. These third party security audits provide valuable insight into our source code and the chances of network scanning and its penetration.
We ensure that our security system adheres to all the applicable regulations or guidelines related to security and privacy of business data or user information.
How can you stay protected?
Follow the following rules to stay protected on our system:
- Use strong passwords that are hard to guess. Don’t use family names, or birthdays of your loved ones.
Multi-word pass phrases and cryptic passwords can be easily remembered while they offer very strong protection.
- Don’t share your password with anyone or access your account in the presence of others.
- Don’t save account password on your computer.
- Make sure to clean history and temporary files after using the web browser.