Bank level security and privacy
Backup & Disaster Recovery
- Safefood 360° systems and data stores are backed up daily to secure offsite facilities provided by Amazon Web Services (S3).
- This ensures complete and speedy recovery in the highly unlikely event of data loss within primary systems. While our customers are not required to backup any data within Safefood 360° we do provide data export mechanisms throughout the platform.
Fault Tolerance & Redundancy
- Many aspects of the Safefood 360° platform are designed to be fault tolerant and redundant. This means that each layer of our infrastructure is designed to continue operations in the event of failure, in most cases automatically, requiring no human intervention.
- The platform is monitored by the operations team 24×7 to detect any anomalies or potential issues. In the event of a catastrophic failure involving an entire datacenter, Safefood 360 will be made available at a backup location.
- Privacy is an integral part of our product development and service lifecycle and we responsibly manage the data we store on your behalf.
- We only use Customer Data to provide the services we are contracted to provide you. This may include troubleshooting aimed at preventing, detecting and repairing problems affecting the operation of the services, the improvement of features and the protection against emerging and evolving threats.
- We will not disclose Customer Data to any third party (including law enforcement, other government entity, or civil litigant) except as you direct or unless required by law. In the event that you wish to discontinue use of our services then all data belonging to you will be returned in a structured and useable format.
- Security is our top priority and is a top priority for our customers. All data is encrypted in transit using 2048-bit Secure Socket Layer encryption with Extended Validation. This is a similar level of encryption used by financial institutions and the US Military. Numerous in-application security mechanisms are enforced including complex hashed passwords each stored with a unique SALT, immediate administrator notifications of security events and detailed audit logging.
- Two-factor authentication (IETF RFC 6238) through smartphone devices and SMS can be enabled at a user level or corporate wide.
Privacy is our top concern due to the sensitive nature of food safety information
Compliance & Data Retention
- Safefood 360°’s underlying systems (Microsoft Azure) complies with numerous international codes for information security including the E.U. Data Protection Directive (95/46/EC), ISO/IEC 27001:2005, SSAE 16/ ISAE 3402, HIPAA/HITECH and the PCI Data Security Standard.
- Additionally, Safefood 360 complies with the technical requirements of FDA 21 CFR Part 11 and EU Annex 11 dealing with the use of electronic data and electronic signatures in regulated environments.
- All customer data is retained indefinitely unless otherwise requested.
- Safefood 360° provides horizontal role based permissions across the system which allows user access to be granted on a need to know basis.
- Individual modules can be locked down on a user level allowing proper separation of duties based upon job responsibility.
- Individual user access can be quickly revoked by an administrator in the event of a termination
Physical Network Security
- Each datacenter employs various measures to help protect operations from power failure, physical intrusion, and network outages.
- Network perimeters are protected by technical controls such as firewalls, filtering routers and Access Control Lists (ACL’s) allowing access to only required services.
- 24 x 7 x 365 monitoring and surveillance, onsite security staff and strict access controls ensure continuity and security of service and operation
- The people that build and operate Safefood 360° are perhaps the most important security feature of the platform.
- All of our software development personnel are trained and experienced in secure programming techniques.
- Technical support staff are prohibited from viewing the content of your data without explicit permission to do so.
- Background checks are performed on the limited number of employees with the required security privileges to access customer data.
- We are committed to implementing the best security practices across our service. We perform regular penetration tests, vulnerability scans and secure coding assessments using internationally recognized and accredited third party security specialists.
- This extends to testing our Distributed Denial of Service (DDOS) protection systems. Audit reports are available to our enterprise customers under a confidentiality agreement.
- We continually monitor and seek to improve our security systems to help ensure your information is always protected.
