Bytescribe is committed to keeping data secure. WebShuttle is designed to keep information safe. We have developed a strategy to deal with any risk of disruption of service. Our platform is built and deployed with this strategy in mind. Compliance audits are frequently preformed within our organization. We are continually working to keep information safe.
APPLICATION SECURITY AND ENCRYPTION
Access to all WebShuttle data is done through our secure web portal. All data transfers are done through encrypted SSL channels or through FTPS (secure FTP over SSL transfers for Premium accounts). Data is encrypted in transit and optionally at rest. Files are decrypted as they are downloaded through a secure SSL port.
CONTINUOUS SECURITY TESTING
Bytescribe does continual security testing. We use third party penetration testing and vulnerability scans. Our IT staff controls the testing of our web application and implements proper security measures. We are continually being educating on current security issues. If security vulnerabilities are identified, we work to correct the issue immediately through patches and updates. Once the updates are in place, new scans are preformed to ensure the patches are successful.
PHYSICAL SECURITY
Our data center has very strict policies for access to the equipment. The data center is has 24/7/365 manned facilities with security patrols and multiple security checkpoints. It has a 90 Day recorded CCTV log and intrusion detection. On-site guards are present 24/7/365. Key card access is required to all floors of the building. The data center requires identification/badges and it utilizes cameras, guards, locked cages, backup generators and fire suppression/humidity controls. Only trusted employees are granted access to servers containing sensitive data. Our data center is SOC II certified.
COMPLIANCE
Bytescribe has a high percentage of clients in the medical industry We maintain HIPAA compliance for our clients We enforce encryption and SSL access through our platform. Our workflow enforces security.
INFORMATION PROTECTION
All customer data is treated as confidential. It is only stored in electronic form. Our servers have proper firewalls in place to protect the IPs. Proper measures are taken to secure the data. Electronic data is accessed by users over SSL ports through our web site. We have standard Data Loss Prevention measures in place including firewalls, intrusion detection and antivirus software.
SECURITY MONITORING
Our staff has continual access to log reports, usage graphs, login reports, and network analysis data. Network alerts and notifications are always in place. Our data center staff monitor network logs and graphs and are aware of any unusual activity.
INCIDENT RESPONSE
We log and track all security incidents within our support ticket system. Any security issues are documented and are reviewed by our IT team and senior management. Tickets are updated as issues are resolved. Any incidents are addressed by our security team. We work to address all security alerts and concerns. If we were to encounter any type of security breach, we have processes in place to notify clients of the issue.