Security

PCI Compliance

We are a PCI Compliant provider, so you can be confident that all data security complies with industry standards.

Internet Security

All information transmitted is via 256-bit SSL encryption to provide industry leading protection to our clients while maintaining maximum performance.

REQUESTOR's Credentialing

All potential requestors of our system first go through a verification process by one of our trained, credentialing professionals. This process includes verifying physical location, business type, contact information and electronic print.
Only once this process is complete the requestor is permitted to search against data housed in our system.
In addition, every search request requires permissible purpose, your companies designated code, and the employees SSN before they are processed.
Our verification systems can also be configured to require a signed release by the employee before any employment/income information is released.

Data Protection

All potential PII that we house is protected through transparent database encryption to ensure the stored data is encrypted at all times.
Hosting Features: Our main dedicated servers are located in the “Hostway” facility in Austin, TX. This facility is a SSAE16 –SAS70 Type2 certified and complete with a fire suppression system and live CC TV monitoring 24/7. Only authorized personnel can gain physical access to our main servers, which are additionally protected through biometric control systems. There are over 60 combined cameras around the data center to ensure maximum protection around the clock.

 

Data Upload

We currently support a wide range of encryption methods for our data upload, which include SSL/TLS, SSH with FIPS 140-2 (embedded RSA security module). All servers are proactively monitored for intrusion prevention, which includes audit reviews of all activity logs. Additionally, data uploading through SFTP protocols are restricted to a given scope of IPs (or single IP) designated by the client. Connections from unauthorized public IPs are not allowed.