Security
The measures we take to ensure your company's information remains confidential, safe and secure.
Security Measures
Many measures have been taken to ensure that your company's information remains confidential, safe and secure during all levels of transmission and storage. All our applications and services meet our stringent security requirements:
- Maintaining confidentiality of communication
- Prevention of tampering or corruption of messages
- Ensuring verifiable delivery of messages
- Preventing impersonation of services
- Encryption of sensitive data
Proven Track Record
Data Dynamics has never had a data breach or any information compromised in over two decades of serving our customers. You can rest assured that all your data and communication will always remain confidential, safe and secure.
Our security recipe for all communications and data in transit includes a combination of end-to-end transport-level security, with an additional layer of message-level encryption for enhanced privacy and data integrity.
Protocols
From encryption algorithms to certificates - the ingredients we use in our security recipe.
Latest Protocols
All communications support the latest TLS cryptography protocol with AES 256-bit encryption for point-to-point transport-level security. An additional layer of message-level security has also been implemented to provide secure end-to-end encryption for all SOAP related messages transmitted between client applications and web services.
What this all means for you? All requests and responses are encrypted, authenticated and authorized. If a third party where to intercept the encrypted data, it would be impossible to decipher. In addition, your credentials are protected with a one-way salted hash algorithm which prevents it from being reverse engineered even in the unlikely event of the data ever being compromised.
Other Security Features
More core security features built into our client applications and web services.
Authentication & Authorization
All requests are authenticated against the user's stored encrypted credentials. Once the credentials are verified the requested action must to be authorized and deemed permissible before processing.
Anti-request forgery
We protect against cross-site request forgery (XSRF or CSRF) attacks by validating, encoding or escaping all user inputs and outputs. A unique antiforgery token is injected into each request.
Third-party frameworks
Among our other security measures, we limit our use of third-party frameworks so as to avoid the common exploits targeting known vulnerabilities in popular codebases.
Symmetric & Asymmetric Encryption
We use a combination of symmetric and asymmetric cryptography, as this provides a good compromise between performance and security when transmitting data securely.