Blog

Our survey security policy

No comments

As a survey software provider it’s our job to keep our clients’ data safe. So far, we have earned the trust of 10,000+ users around the world, however, that doesn’t mean we can rest on our laurels. Our developers are working hard on new ways to keep your data locked all the time. Here’s a run down of our survey security policy.

Choose where your data is stored

CheckMarket’s security and privacy policy is among the strictest in the industry. In fact, we are one of the very few survey providers with multiple data centers around the world, meaning we can store your data wherever you want (US, Canada, Asia or EU). For example, as a result of recent privacy and security infringements many EU based companies prefer to have their data stored on European servers, that’s possible, you can choose.

Class A data centers

Regardless of the continent, all data is stored in Class A data centers with extensive physical security all of which are regularly audited. As an extra security protocol we were the very first survey tool to include Two Step Verification, drastically reducing the chances of someone breaking into a user’s account.

Backups on multiple drives

Rest assured, data loss is not an option with CheckMarket. Why? Because all data is synchronized between our data centers in real-time, with multiple copies stored on multiple machines on multiple hard drives.

HTTPS and SSL

Furthermore, HTTPS is turned on by default for all surveys and users guaranteeing that the collected data is always safe and protected. SSL encryption, also included by default, assures participant privacy and information integrity.

Use your own domain

We also offer the option to use your own domain or sub domain name to host your survey projects. This is not just a security measure; using your own domain will also increase the credibility of your survey, which in turn can impact the response rate.

 

CheckMarket’s hosting certificates

  • PCI DSS Level 1: Merchants and other service providers can run their applications on our PCI-compliant technology infrastructure for storing, processing, and transmitting credit card information in the cloud.
  • SOC 1/SSAE 16/ISAE 3402 (formerly SAS 70 Type II): The SOC 1 report audit attests to control objectives which are appropriately designed and that the individual controls defined to safeguard customer data are operating effectively.
  • ISO 27001: ISO 27001/27002 is a widely-adopted global security standard that sets out requirements and best practices for a systematic approach to managing company and customer information that’s based on periodic risk assessments.
  • FISMA Moderate: FISMA requires federal agencies to develop, document, and implement an information security system for its data and infrastructure based on the National Institute of Standards and Technology Special Publication 800-53, Revision 3 standard.
  • FIPS 140-2: The Federal Information Processing Standard (FIPS) Publication 140-2 is a US government security standard that specifies the security requirements for cryptographic modules protecting sensitive information.

Related topics

Leave a Reply

Your email address will not be published. Required fields are marked *