Data Security
At KidCheck, our focus is not just on helping with the security of the children in your care, but the security of data as well. We take the security of your information very seriously. It’s a top priority, every day. On this page we’ll cover some of the technologies and practices we’ve put in place to protect your identity and your information:
Here’s what we do to protect your information:
- Regardless if you’re creating your account, or checking in at a KidCheck facility, KidCheck always transmits information securely using 128bit data encryption. This prevents potential hackers from “tapping” a data conversation.
- Your login credentials are encrypted.
- Our servers are housed in a certified secure data center facility protected 24/7.
- We apply bank-level data security standards. This includes encryption, auditing, logging, backups, and safe-guarding data.
- KidCheck personnel have undergone state and federal background checks.
Technical System Description
Below are brief descriptions of the systems and technologies we have put in place to make sure your information is stored and managed with the highest levels of security and due diligence available.
1) Managed Network Intrusion Detection, Prevention and Network Security
KidCheck’s network is secured by a managed firewall device that provides several key security layers to detect and prevent network intrusion. Our firewall is managed & monitored by a 3rd party company that provides us with 24/7 threat detection monitoring and notification, firewall firmware updates, as well as overall network access monitoring. Our system consists of 2 separate and independent firewall devices that operate in an active/passive failover configuration. Should the primary hardware device fail, the secondary comes on-line immediately and provides us with the ability to continue to provide service even in the event of a catastrophic hardware failure.
2) Information Security
Information is secured in our network using several layers of protection. Any non-web server is on a separate non-routable subnet than our Internet exposed web servers. This greatly increases the difficulty of accessing any of our database servers from the open Internet and shields those servers from the vast majority of automated internet attacks. All of the actual data within KidCheck then resides on a secured Storage Area Network that is also on its own non-routable subnet behind the SQL servers. Any sensitive data, including passwords, is encrypted within the database itself to ensure if it were compromised the information would not be readable and hold no value.
3) Secure Communications
All aspects of the KidCheck application are protected by a 128 bit SSL data connection. Our SSL certificate is a verified wildcard certificate meaning that every customer is provided the same level of protection for all data transmissions. KidCheck also checks every browser connection on every page to ensure that the connection is protected, encrypted, and accessible by the user that requested it.
4) User Authentication
User authentication is handled by our own custom authentication system. Every URL request made to KidCheck is verified to ensure that a user has logged in and has access to the requested URL as well as the requested data. All passwords are required to be 6 characters or longer and are stored encrypted in our database. In addition, every user is required to have a globally unique username and any changes or updates to any record are logged and the last user to make a change is displayed at the bottom of each page.
5) Virus Protection
Virus detection and removal is handled at the firewall by our antivirus system. Data that enters the network is scanned prior to it ever entering the KidCheck network. Virus definitions are managed by the antivirus provider and updates are pushed to our firewall as soon as they become available.
6) Data Recovery
System backups are handled directly on our Storage Area Network (SAN). Our LeftHand Networks SAN employs a snapshot based backup technique that allows us to run a complete system backup of all customers in less than 1 second. Snapshots are taken every 12 hours automatically. The SAN is also protected using a network based RAID scheme that provides us with the resiliency to lose 50% of our independent SAN devices as well as up to 32 hard drives before any data is compromised. In addition, the SAN allows us to remotely replicate the snapshot data to a disaster recovery datacenter for complete off site backup.
7) Patches & Vulnerabilities
Any patches or firmware that is needed to update firewalls, servers or storage systems are automatically pushed out from either Cisco or Microsoft. All systems can be patched and updated without taking the system off-line.
8) Physical Security
All servers and systems are housed in an approved and secured datacenter with state of the art security. All datacenters must meet these requirements:
- 24×7 staffed and monitored datacenter.
- Secure access card guaranteeing authorized access only.
- Redundant power back up by a UPS and generator ensures availability in the event of power outages.
- Dry pipe fire suppression system will ensure hardware is safe in the event of a fire.
- Redundant internet connections on different internet service providers and different internet backbones to different geographic regions.
Here are some things you can do to help:
- Protect your computer’s security.
- Keep your computer and browser software current with security updates.
- Install and update anti-virus and anti-spyware software and use personal firewalls to protect your computer.
- Be alert to the threats posed by malware–(malicious software) which can damage or disrupt your system, or secretly record information such as keystrokes;
- Do not enable automatic login to your KidCheck.com account or pre-fill the Login ID or password fields.
- Change your password periodically and avoid using passwords for KidCheck.com that you commonly use for other purposes.
For more information on how to protect your personal computer, including links to vendors providing anti-virus and anti-spyware software, you can visit the Federal Trade Commission’s site. Microsoft Corporation provides additional information specific to the Windows operating system at microsoft.com/security. Users of Apple computers can find security information at https://support.apple.com/guide/security/welcome/web.
Use your computer in a safe manner
- Do not share your Login ID and password with anyone.
- Check to make sure you are interacting with a secure Web site when logged in (https://…).
- Always log off after completing your activities on KidCheck.com.
- Be careful about using KidCheck on third-party computers or computers that you are not familiar with such as those in Internet cafés and be careful to ensure you have fully logged out.