We take matters of data security very seriously at EvTrack. Our solution is hosted using the highly reliable Amazon AWS servers, which offer optimal uptime, and data security for our customers and the related visitor management and access control data.
Our hosting partner is AWS and our servers are hosted in a world-class AWS data centre, that is protected by biometric locks and 24-hour surveillance. We ensure that our application is always up to date with the latest security patches. Our network is protected by redundant firewalls, secure HTTPS transport over public networks, regular audits, and Web Application Firewall (WAF) and Intrusion Detection Systems (IDS) which monitor and/or block malicious traffic and network attacks.
Our network security architecture consists of multiple security zones. More sensitive systems, like database servers, are protected in our most trusted zones that are not accessible from the internet. Data transferred between EvTrack servers use a private network.
EvTrack uses a multi-tenant data model to host all its applications. Each application is serviced from an individual virtual private cloud and each customer is uniquely identified by a tenant ID. The application is engineered and verified to ensure that it always fetches data only for the logged-in tenant. Per this design, no customer has access to another customer’s data.
When it comes to secure credential storage, EvTrack follows best practices: Never storing passwords in a human-readable format, and only after a secure, salted, one-way hash (bcrypt).
EvTrack has an in-built authentication module where it provides the ability for customers to define user names and assign access roles.
All data at rest is encrypted using AES standards with the keys being managed by AWS Key Management Service. All data in transit is encrypted using HTTPS FIPS-140-2 standard encryption.
All the events and activities are logged. Application Audit Logs within the Admin console (Report > Audit Report) captures the user activities and configuration changes or all users. These logs are read-only and also encrypted for protection.
A continuous backup is maintained in different data centres to support a system failover if it were to occur in the primary datacenter. Data is backed up to persistent storage every day and retained for the last seven days.
All backups are encrypted using AES 256-bit encryption and keys being managed through AWS Key Management Services (KMS).
By Default, EvTrack does not have access to any of the customer's data. In case a customer wants an EvTrack representative to work on their account, they have to add them as an occasional agent.
EvTrack stores and processes customer data, where data refers to all electronic data, messages, or other material submitted to EvTrack by the customer through the customer’s account in connection with the customer’s use of EvTrack’s service(s). This data is processed in compliance with applicable laws and regulations for the purpose of providing services in the EvTrack Visitor and Access Control Management System. As a data processor, EvTrack performs operations or set of operations on this data in relation to services offered.
‘Data hosted’ means data stored for the delivery of services we provide as a data processor and includes data stored for backup.
Data Deletion post account termination: Any data deleted will be erased 14 days post date of termination.
Being the data controller, the customer gets to decide what data to host/process in EvTrack. EvTrack processes data in accordance with your terms of service
Data is retained as long as the customer is active and using our products. If any delete is performed by the users (tenants, admin, etc…) - then the delete is immediate. However, logs will be retained. These archived logs would also be purged automatically after 12 months. The log will just contain only information about the action or event and associated details. Logs will not have any data including PII.
Upon Account Termination, all account data will be deleted after 14 days from the date of termination. Logs will be retained as mentioned above.