At Tracker, we use advanced technology for data security. We keep your data secure through a comprehensive set of policies, processes and infrastructure including data encryption, access controls, firewalls, intrusion detection, system redundancy, and more. Here are the key components of our security strategy:
Strong, multi-level physical security
Your data is secured with a hosting provider that has earned an AT 101 SOC 3 seal for security. The seal, the Systrust for Service Organizations Seal, is based on the AICPA/CICA Trust Services Security Criteria.
Sound environmental security
Nightly backups and redundant systems distributed across geographies protect your data in case of disaster. An unexpected outage in one geography will not affect the other, providing complete system redundancy for disaster recovery.
Uncompromising data protection
All data is encrypted in transit. ImmigrationTracker supports Certificate Authority High Assurance Class 3 SSL certificates with support for 256-bit AES encryption and 2048-bit RSA key length. Your data is also encrypted at rest, with databases and backups encrypted using SQL server transparent data encryption (TDE). All user accounts require complex passwords, and you can choose to increase the complexity of passwords further. Passwords are stored as one-way hashed values, and are never known to Tracker staff.
Protection from intrusions
Your data is protected by an intrusion detection system (IDS) that utilizes multiple technologies to identify suspicious activity and alert operations personnel. Engineers continuously monitor critical parameters having to do with network traffic and availability. Information security management systems are certified ISO 27001 compliant.
Security built into policies and practices
At Tracker we know that technology alone cannot fully protect critical assets, so we've also built security into our policies and practices. ImmigrationTracker is scanned daily by Trust Guard, earning a Trust Seal for website security. Before every major release, we conduct a web vulnerability scan on ImmigrationTracker, using IBM AppScan. If any issues are detected, they are remediated immediately. And every year, we use a third-party security provider to conduct security assessments and penetration tests on ImmigrationTracker.
This paper walks through the five phases of immigration casework and outlines specific ways you can use IMS technology in each, for significantly higher efficiencies across the end-to-end process.