Security

How Does ClaimKit 2.0 Keep Your Files Safe and Secure?

We started as lawyers, so we know how important it is to keep your data safe. At ClaimKit, we make data security a top priority by utilizing state of the art server technology and third party security applications. When you use Privity, we aim to provide you with a secure connection, protect your data from interception and prevent disclosure of your personal data.

Here is how ClaimKit does it:

I. Infrastructure Security

SSL 256-bit Encryption

All information travelling between your browser and the Privity application is protected from eavesdroppers with 256-bit SSL encryption from Entrust. The green bar in your browser’s address bar lets you verify that you aren’t talking to a phishing site impersonating Privity and that your data is secure in transit. SSL Certificates are used by the top sureties, insurers, banks and governmental authorities to provide assurance to their users that the site is safe. Entrust is the trusted source of SSL security for a number of top sureties and insurers. Read more about their products and services here.

Trusted Amazon Security
ClaimKit partners with Amazon Web Services (AWS) to provide you with the most state of the art data hosting relationship for Privity users. Amazon builds services in accordance with security best practices. They have passed governmental security rigors and conduct consistent audits to demonstrate the security of their infrastructure and services. Serving clients like NASA, Netflix, Pinterest, Reddit, Foursquare, and a host of banks and medical companies, we feel confident that Amazon knows how to safely handle your important data. AWS has also successfully achieved the FISMA Moderate level by working with government agencies to certify their applications and workloads. Just in case you actually wanted to know, their services also have met the following standards: SAS70 Type II, FIPS 140-2, ITAR, ISO 27001, PCI DSS Level 1, SSAE 16, ISAE 3402, AICPA’s Trust Services Principles, HIPAA, and Cloud Service Alliance CAIQ. Visit their security page for more in-depth security information on AWS.

State of the Art US Datacenters
Privity’s AWS infrastructure is housed in Amazon-controlled data centers located in the USA (Virginia). Datacenter locations are kept confidential and are equipped with a variety of physical controls to prevent access. Innovative architectural and engineering solutions keep your data safe. AWS uses state of the art fire detection, uninterruptible backup power supply, climate control, and remote monitoring. Read more about AWS data centers and their security features in the AWS Security Processes Whitepaper.

Backups
The data in your Privity account is safely located on secure servers in Virginia. But, thanks to Amazon’s S3 and EBS services, your data is also replicated across multiple database servers in different geographic locations to prevent a single failure from causing data loss. These services protect your data from both device unavailability and detected bit-rot. Want to know more about AWS back up? Please check out the AWS Risk and Compliance Whitepaper.

Redundant Servers
Privity uses redundant servers and multiple backups to ensure that both its application and your files are available in the event of power loss or hardware failure.

Server Systems + Firewalls
The Privity application – including your data – rests securely behind Amazon-powered EC2 server operating system and firewalls. The server operating system is completely controlled by ClaimKit personnel. AWS has no control or access to Privity server instances and operating systems. Privity’s Amazon EC2 servers provide a complete firewall solution that operates in a “deny-all mode” allowing access only to those ports opened and monitored by ClaimKit personnel.  Firewall control is restricted to ClaimKit AWS certificate and key holders – thus preventing any unauthorized access.

Third Party Intrusion Detection
All of the traffic entering and leaving Privity’s network is monitored by Alert Logic and ClaimKit personnel. ClaimKit can spot and eliminate unusual or unauthorized activity in the interface and AWS provides additional intrusion detection in the network. AWS prevents against Denial of Service (DDoS) Attacks with multi-homed internet access and proprietary mitigation techniques; against Man in the Middle (MITM) Attacks with SSL protection; against IP Spoofing with host-based firewall infrastructure; and against port scanning through an intense internal investigation protocol.

Access Logging
AWS services are configured to log access to the application and store that information. The access log preserves access requests, including request type, requested data, requestor’s IP address, and time and date of request. Logging this data provides ClaimKit personnel both the benefit of access auditing and enhanced documentation for customers who are looking for custodial chains.

II. Procedural Security

Limited Administration
ClaimKit has installed controls to prevent unauthorized access to Privity. Administration access is encrypted, and only regularly provided to executive-level ClaimKit employees. No contractors or regular employees are provided with regular administrative access to Privity. In the event of needed technical support, ClaimKit Project Managers monitor technical support teams and limit their exposure to your data. Access keys and passwords are changed regularly.

Handling of Data
Devices and media that are sent to ClaimKit from you or your document custodians are handled with care, logged for any custodial changes, and preserved in a secure location. Data is loaded into ClaimKit’s internal, safe and secure local server, and access to it is restricted. Your data will be handled by your assigned ClaimKit Project Managers.

Privity Security Features
When we designed Privity, we kept the claim-handling process in mind. We installed features to limit exposure of files, preserve data, and protect your business computers from corruption. With Privity, users can segregate important data into locked-down folders; create limited users who cannot move files, create folders, or share access with others; build claim files for the handler’s eyes only; disable users and claim files without removing or deleting data; rest assured that no files can be deleted by a user; view, annotate and share files that are hosted remotely so that they don’t have to be opened on your own machine. These features, and many more, protect sensitive personal and company information from unlawful disclosure.

Privity Activity Logging
Privity logs activity on the go. That means that you, the user, will be able to see each and every person who has accessed your files, added notes, printed or downloaded items or uploaded files. We hope that you are pleased with every action you see in the log, but just in case you are not, the log allows ClaimKit personnel to help you eliminate user access, track document actions and remove risky files.

If you have any security concerns or questions feel free to contact us at info@claimkit.com.