The benefits of cloud based visitor management include:
Our cloud architecture with every service tier is spread across availability zones (data centers) within the Hostgator Hosting service. IVET runs regular data backups. In the highly unlikely event of a service outage, all data is kept on the IVET system. We have never lost a customer’s data.
As part of our security measures, IVET does not store any visitor data on the Device or app. In the unlikely event of theft or loss of the device, no visitor data will be recoverable from the devices, simply because, no visitor data is stored on the devices.
Once captured, the visitor data is transferred securely using HTTPS (SSL connection) from the IVET app and dashboard to secure cloud servers. IVET protects against possible denial-of-service (DoS) attacks using CloudFlare’s advanced DDoS protection.
Data transmission is encrypted using AES-256 encryption. Encryption keys are dynamically generated; post and get parameters are abstracted. Database connection strings are kept separately with a strict access policy and audit logging. IVET API layer security has strict permission rules to prevent unauthorized database connections.
We have policies that require employees to never store production data locally nor in test environments.
All passwords are md5 hashed. You can only reset a password, not retrieve it. Additionally, users are notified when their password is reset or changed.
Good passwords are hard to guess. We recommend that you use a combination of uncommon words or inside jokes, non-standard upper-casing, creative spelling, and non-obvious numbers and symbols in your password.
IVET Administrator accounts are private, password-protected accounts only accessible by the authorized administrator with 2D SMS validation. Your visitor data is securely held in the cloud and is your private data. We also utilize AES-256 to encrypt all data transmitted between devices and our server.
IVET staff do not access or interact with customer data or applications as part of normal operations. There may be cases where IVET staff is requested to interact with customer data or applications at the request of the customer for support purposes or where required by law. IVET staff may also inspect customer data to debug and troubleshoot platform issues.
We have a strict policy that IVET staff only access our customer's data when absolutely necessary to ensure account functionality. Employees are required to use strong passwords.
IVET maintains a detailed audit history of all data entry and modifications, coupled closely with WHO changed the data, WHEN it was changed, WHERE it was changed from and WHAT was changed.