Enquirya Platform Security

Our Commitment to Security

At Enquirya, nothing is considered more important than protecting your data from unauthorized access or loss. We have woven a data-security culture into our DNA. It's manifested in the security features of our platform, the selection of our technology partners and vendors, employee training, company policies, adherence to the latest best practices and developments in the field, and vigorous testing and quality assurance practices that go into every release of our technology.

We realize that we have to work hard to deserve your trust, and we are committed to doing so. The following is an overview of our security measures. Please note that some details have been excluded in order to protect the integrity of these security solutions.

Physical Layer

Enquirya is using Amazon Web Services (AWS) as its infrastructure provider. AWS has built a reputation for providing some of the most secure and best-run data centers in the world.

AWS is:

  • SOC 1 and 2 / SSAE 16 / ISAE 3402 Certified (formerly SAS70)
  • SOC 3 Certified
  • ISO 27001 Security Certified
  • Authorized by U.S. General Services Administration to operate at the FISMA Moderate level
  • Capable of supporting Payment Card Industry (PCI) compliant applications when AWS and Caspio-provided security controls are used in tandem

 

Caspio Security - SAS-70, ISO and PCI Compliance

 

These compliances and certifications ensure that AWS adheres to the stringent security standards that meet or exceed the requirements of some of the most sensitive data and applications.

Network and Systems Layer

Our servers and firewalls are configured to allow only the absolute minimum level of access. All unnecessary users, protocols and ports are disabled and monitored.

Operating systems and third-party software are kept current with the latest upgrades and patches recommended by their vendors.

Our databases and backups can only be accessed through trusted and secure authentication, using the OAuth 2.0 standard.

Human Layer

All data maintained in your Enquirya account is owned by you. Only a few select, qualified and authorized personnel are allowed access to servers when necessary for system management, maintenance, monitoring, and backups.

We follow rigorous hiring practices and every administrative, IT, support, and sales candidate undergoes a background check.

Our support engineers may only access your account when explicitly authorized by you to resolve problems or issues reported by you or to address issues for which we are contractually authorized.

All account logins are tracked for reference.

Application Layer

The Enquirya platform offers an extensive list of features to help you protect and secure your account and data:

Account Authentication - Your account is protected by your Account ID and password. We encourage you to use strong passwords, protect them from others, and change them often. You are advised to only access your account from trusted devices and networks. We do not store sensitive user data in cookies or utilize other high-risk user or session tracking methods.

Data Encryption - When you log into your Enquirya account, your session is secured with SSL encryption.

How to Contact Us

Should you have other questions or concerns about these security policies, please send us an e-mail at: info@enquirya.com