Track-Kit Security

With Track-Kit, Security Is In the Design

Comprehensive security

The core of Track-Kit’s security is in the way it is provided to users. Track-Kit uses the Software as a Service (SaaS) model, also known as “cloud-based”. We use world-class cloud services providers including Microsoft Azure Government and Amazon Web Services (AWS) to host and deliver our online software solutions, which incorporate the highest security measures.

Secure system architecture

  • User data is stored in a secure SQL database on its own dedicated server; this server is not exposed to the public internet
  • The web server accesses the database via encrypted authorization keys which are stored in a secure storage environment
  • Uses the latest Transport Layer Security (TLS 1.2) protocol to communicate with its database server, preventing any interception or unauthorized logging of communications between Track-Kit and the database server

User privacy and safety is built-in

  • Safeguards user data via a secure database server and through the use of encryption during any interaction between system components
  • The user environment has been designed to protect users while providing broad administrative control
  • Local administrators can create and maintain user accounts and configure user roles in Track-Kit, allowing you to specify role-based user access to different functions
  • User passwords are protected using RFC 2898 encryption standards, a method which prevents an unauthorized intruder from reverse-engineering a user’s password
  • Users always access Track-Kit from a secure connection (Secure Certificate, TLS 1.2 minimum) over Port 443, preventing eavesdropping or interception

Business continuity and disaster recovery

  • Track-Kit database servers are maintained in duplicate across independent regional sites
  • In the event that an outage or a physical disaster takes one server offline, the hosting service initiates failover to the nearest standby server in order to prevent interruption or data loss
  • The Track-Kit hosting service creates full database backups on a scheduled basis
  • All database files, backup files, and log files at rest are encrypted
  • Transparent Date Encryption (TDE) is used to encrypt data at rest when it is stored in the database
  • All database backups are stored with AES-256 encryption, the same standard that is used by the US government