In this article:
For businesses of all sizes, Internet-based applications are a great alternative to conventional software. When you choose a Web-hosted application from TimeSolv, security is one of the biggest benefits. There are numerous security advantages to using TimeSolv compared to running packaged business application software in-house.
TimeSolv keeps your data in a secure data center facility. Think of it like a bank vault for your information, with 24-hour security personnel, key-card access systems, and strict sign-in/out procedures, video surveillance and after-hours motion detectors. Getting into your office’s server is child’s play by comparison.
These same data centers provide tremendous network security to prevent hackers from breaking into the server containing your data, including multiple levels of network software security. Does your company have network security personnel on staff?
All TimeSolv accounts are password protected. TimeSolv uses “trap-door encryption” to protect your password. This means that passwords are subject to one-way encryption only. Your password is encrypted when you first enter it and is saved in encrypted form at TimeSolv. In other words, even we don’t know your password!
Everything is Encrypted
Every time you enter information in one of our applications and send it across the Internet (by choosing Save or pressing Enter), that information is scrambled using 128-bit encryption. Just look for the padlock icon at the bottom of your browser. When you see this you know the page is protected by SSL (Secure Sockets Layer).
Limited Employee Access
All TimeSolv employees know customer security is paramount, and every employee signs a customer confidentiality agreement upon being hired. Even so, only a handful of employees have access to your account data, and then only for emergency use.
Although the internet is a trusted medium for hosting critical applications and information, passwords are often a weak link in the chain of security between a web application and a user. Two-factor authentication helps with improved security, increased productivity and flexibility, lowered helpdesk and security management costs, reduced fraud and ability to build secure online relationships.
To manage two-factor authentication:
Under Account>Settings>General Two-Factor Authentication can be enabled/disabled.
Enabled - Administrator can decide if authentication will be required with every login, daily, weekly, or monthly.
Terms of Service
This section details of frequently asked questions on TimeSolv’s security and data infrastructure.
|1||What infrastructure is used for hosting the application and the website?||TimeSolv is hosted by a state-of-the-art data center provided by Amazon Web Services (AWS). Highly encrypted 128-bit SSL is used for data transmission between your browser and our data center.AWS has completed SAS 70 compliance and a Type II Audit, as well as being ISO 9001 certified. Add that we’re PCI DSS compliant to the mix, and you can rest assured your data is completely protected. Security, however, isn’t everything. Our customers demand reliability. So here at TimeSolv, we also use a state-of-the-art agile development environment in order to provide you with almost 100% uptime. To see for yourself, check out a report on our site by Pingdom, a third-party monitoring service. Or, just take a look below. For redundancy, the public-facing website is hosted with a managed service high availability hosting provider.|
|2||Is TimeSolv PCI (Payment Card Industry Data Security Standard) compliant?||TimeSolv is PCI compliant with security audit and compliance certified by SecurityMetrics, https://securitymetrics.com .|
|3||What mechanisms are in place to ensure that only authorized personnel will be able to access your data?||All passwords are encrypted and TimeSolv employees do not have access to passwords to access production data. Datacenter access is strictly limited to technical staff. Electronic security systems control data center access and are accompanied by a full complement of motion detecting security cameras which monitor the entire facility. Data Center facility external walls are reinforced poured concrete. Data centers are a fully managed facility, which means we have level 3 technicians on site 24 hours per day.|
|4||Does the contract address confidentiality?||Yes, the customer contract includes terms of service agreement addressing the confidentiality of customers’ information. See TimeSolv’s Privacy Statement at https://timesolv.com/privacy.html|
|5||How frequently are back-ups performed?||Onsite backups are performed in near real-time with a maximum delay of 5 minutes on a redundant database server. Offsite backup is performed automatically every day with Amazon.com on the west coast. In addition, TimeSolv provides automated daily backup via the Automatic Data Export services.|
|6||Is data backed up to more than one server? Where are the respective servers located? Will data always stay within the boundaries of the United States?||Onsite backups are performed in near real-time at the data center with a maximum delay of 5 minutes on a redundant database server. Offsite backup is performed automatically every day with Amazon.com on the west coast. All data is kept within the United States.|
|7||How secure are the data centers where the servers are housed?||Datacenter access is strictly limited to technical staff. Electronic security systems control data center access and are accompanied by a full complement of motion detecting security cameras which monitor the entire facility. Data Center facility external walls are reinforced poured concrete.|
|8||What types of encryption methods are used and how are passwords stored? Is your data encrypted while in transit or only when in storage?||128 bit SSL for all data transmission and password storage. Data is encrypted while in transit.|
|9||Are there redundant power supplies for the servers?||Amazon AWS is a highly available, distributed cloud computing platform with redundant power sources.|
|10||Does the contract include a guarantee of uptime? How much uptime?||TimeSolv is open to signing a guaranteed uptime and compensation due to an unexpected period of downtime. TimeSolv’s historical uptime exceeds 99.99%.|
|11||If a natural disaster strikes one geographic region, would all data be lost? Are there geo-redundant backups?||
|12||If there is a data breach, will you be notified?||TimeSolv has not experienced a data breach. Customers will be notified in case of a data breach.|
|13||What rights do you have upon termination?||TimeSolv does not hold hostage any of client’s data. All data is available for download with a built-in option as CSV files. TimeSolv is open to providing a contract with specific service levels to meet the client’s needs.|
|14||Can we back up data locally?||Each client can back up their data as a compressed file with an included data download utility. TimeSolv doesn’t hold data hostage to resolve billing disputes. The client can also receive a copy of their data in CSV (Comma Separated Values) format via Automatic Data Export service at $19.95/month every day to backs up on their own servers.|