Here at SurveyGizmo we are incredibly lucky to have a top-notch industry superstar handling our Application Security, Compliance, and Contracts. Janelle Hsia is our full-time security specialist and she makes sure that the company, the building, and all its software are always in compliance with our security policies so that your data is as safe as it can possibly be. We know Security is as important to our customers as it is to us, so we’ve reached out to her to chat about some security issues that may be of importance to you.
Jannelle comes to us with over 22 years of experience across a diverse background of general management, business development, IT security, process improvement, contracts management, compliance implementation, and risk analysis. She’s worked with executives at all levels of both the government and the private sector. Before SurveyGizmo, she was the deputy Information System Security Officer (ISSO) for two separate IT systems and provided security consulting for a few others. She holds three different certifications. In short, she knows her stuff.
For this month’s installment of our Security Series, we asked her to explain data encryption, how we use it at SurveyGizmo, and how it affects your surveys. Here’s what she had to say:
At SurveyGizmo we encrypt data in transit, at rest, and on all backups. Here’s how: Access to the SurveyGizmo Application is available only through secure HTTPS. Data in transit is encrypted when customers choose to use HTTPS protocols for their account. We utilize TLS for our secure communication protocol and we are currently at the most recent patch level.
All survey data, even those that are designated as unencrypted, are encrypted at the disk level – “at rest”. Amazon Simple Storage Service (Amazon S3), provides SurveyGizmo with secure, durable, highly-scalable cloud storage which is designed to deliver 99.999999999% durability – yeah that is eleven 9s!! Surveys that are designated by the customer as encrypted by way of the Project Data Encryption feature are further encrypted at the row level in the database. Once you have collected data in an encrypted survey, encryption cannot be enabled/disabled.
In addition to this, your data is backed up using Amazon Elastic Block Store (EBS) snapshots which is used as a primary storage device for data that requires frequent and granular updates. Automated encrypted snapshots (differentials) of databases are performed daily, and all data storage is redundant.
Our redundant databases reside in a private subnet that is only accessible via our application and web servers. Additionally, we leverage Amazon’s AWS security features to further “lock down” access to these systems. Bulk response data can only be accessed via the reporting and exporting features available via the application by a customer logging in with their credentials over https.
We hope this gives you a little further insight into the encryption we use. As always, if you have any questions about this, please reach out to us, and we’d be happy to answer any questions! You can also download our full Security Whitepaper here to learn even more about all the things we do to ensure your surveys and data are safe. Check back next month for another installment of our Security Series and to learn even more!