| Privacy & Security |
|
|
ThinMind.com provides state-of-the-art security for our systems and data. Our top priority is ensuring that our environments are as secure and reliable as possible. This section outlines our approach to privacy and security. |
 |
|
|
|
| PCI Data Security Standard (PCI DSS) Compliant |
 |
|
|
The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data. Our systems are PCI DSS compliant and routinely tested to ensure that high standards are maintained to significantly reduce the risk that this site will be compromised and credit card or other sensitive data will be stolen or misused. |
 |
| |
|
| SSAE 16 Type II, SAS70 Type II & HIPPA/HITECH Certified Data Center |
|
|
|
Our production systems are located in a world-class data center in North Carolina. The data centers are SAS70 Type II certified, audited to meet HIPAA/HITECH privacy controls, and PCI DSS compliant. In addition, the data centers have successfully completed the Type II SOC 1 audit to meet the new SSAE 16 Type II certification (which is the successor to the current SAS 70 standard). The data center provides 24-hour physical security, fully redundant electrical power, fully redundant internet connectivity, and other backup equipment designed to keep our servers up and running. Our infrastructure team is the only group of employees given direct access to the production system, specifically for: systems management, maintenance, monitoring, and backups. |
|
|
| Reliability |
|
|
|
All networking components, SSL accelerators, load balancers, and web servers are configured for full redundancy. All customer data is stored on RAID disk arrays, designed for hi-availability systems. All customer data is backed up routinely throughout each day. In addition, all customer data is backed up to a tape library on a nightly basis. Backup tapes are moved to secure, fire-resistant, off-site storage on a regular basis. |
|
|
| Infrastucture Security |
|
|
|
Our systems are protected by multiple firewalls and monitored by intrusion detection systems. Our infrastructure team also monitors system logs to proactively identify any security threats or attacks. Finally, a third-party firm also monitors our security configurations for changes, vulnerabilities, and regularly conducts threat assessments. |
|
|
| Data Encryption |
|
|
|
Our systems use the most secure encryption products to protect customer data and communications. This includes 128-bit Thawte SSL Certification and 1024-bit RSA public keys. Your browser displays a lock icon indicating that data is fully shielded from access while in transit. |
|
|
| Data Backups |
|
|
|
All data is backed up nightly. Backups are then taken offsite and secured by Iron Mountain. These measures are a safeguard to ensure that your information will be safe. |
|
|
| Data Access Security |
|
|
|
Our application model enforces data level security with each request to prevent one ThinMind account from accessing another. This data level security is applied throughout your user session on the system. |
|
|
| Application Security Policy |
|
|
|
We recognize that every company has unique security guidelines outlined by their IT organizations. As a result, ThinMind allows you to configure over 20+ security options geared towards enforcing these guidelines. |
|
|
| Application Security Roles |
|
|
|
Each ThinMind account has the ability to create unique application security roles. The suite provides options to control menu level options, data access, and report / export access. |
|
|
| User Authentication |
|
|
|
Anyone accessing ThinMind must have a valid username and password to gain access. This information is encrypted via SSL while in transit. You have full control over who has access to your system using the Security Admin Tools provided in the ThinMind application. |
|
