Here’s How We Keep Professional & Premier Plans Secure
Though FormAssembly’s Enterprise and Compliance Cloud plans offer higher levels of online form security and compliance built for industries with stricter requirements such as healthcare, FormAssembly Professional and Premier plans are also secure. No matter what plan you choose, you can be sure that your data is being transmitted safely due to our online form security best practices and procedures. Here are a few of the ways we keep you safe.
Maintaining solid application security starts with building a team that’s properly vetted and trained. In addition to running background checks for all new FormAssembly team members, part of the onboarding process includes comprehensive and mandatory privacy and security training. From there, we ensure ongoing success by maintaining a set of Information Security policies designed to make sure all employees are contributing to a secure workplace. This attention to our team benefits every plan, including Professional and Premier.
Strong processes help us maintain security for all FormAssembly plans on a daily basis and be prepared in the event of an attack. FormAssembly’s processes include:
- Incident Response Policy — Based on NIST best practices, this procedure governs the response during a security and is tested regularly.
- Disaster Recovery and Business Continuity Plans — These procedures are also designed to activate if a breach occurs, and employees are apprised of the role they play in these plans.
- Logging Best Practices — Under these best practices FormAssembly has implemented daily log review in a centralized, secure logging environment designed to provide a full audit trail of all access.
In addition to the processes listed here, we have many others in place to guarantee the safety of customer data.
For our data centers, FormAssembly partners with Amazon Web Services (AWS). AWS in turn boasts high security standards, many privacy/security certifications, and global data centers.
Top-of-the-Line Attack Defense
People, procedures, and partnerships, are just part of how we ensure online form security on Professional and Premier accounts. We also employ systems that guard against common attacks:
- Web Application Firewall — Our firewall guards your data against common attacks such as SQL injection and cross-site scripting.
- Intrusion Detection System — We use both IDS and IPS (Intrusion Prevention System) to increase security by monitoring and inspecting traffic for anything suspicious.
- Encryption — Data for all plans is encrypted in transit and at rest and sent over a secure HTTPS connection. We also are compliant with the industry standard TLS 1.2.
These are just a fraction of the controls in place that guarantee a safe and secure environment for FormAssembly Professional and Premier users. All FormAssembly plans are compliant with the GDPR/CCPA, and are PCI DSS Level 1 certified.
So, are Professional and Premier plans secure? The answer is yes! While the HIPAA compliance and Sensitive Data Management available on our Compliance Cloud plan may be a requirement for some organizations, Professional and Premier plans offer a great deal in terms of online form security.
With your mind at ease about FormAssembly security, why not sign up for a free trial?