Security

ESCROW DEPOSIT SECURITY

escrow-deposit-security

Escrow deposits and updates submitted to Guard-IT are securely transmitted and encrypted, and then stored invisibly, anonymously and redundantly in the Cloud. Fortunately, gone are the days of burning CDs or DVDs and preparing physical shipments.

Our proprietary protocol, including our upload form and encryption process, makes the Developer’s part of the escrow maintenance (deposits and deposit updates) very easy to manage.

Uploads are made using an encrypted connection using Transport Layer Security (TLS) 1.2 and modern cipher suites. Once the upload is complete, a separate process encrypts the file with a military-grade, 1024-bit key that is practically un-hackable according to most security professionals. Anyone who might happen to “find” an encrypted would only see anonymous and encrypted gibberish. This encryption is performed in a virtual space that is isolated and not accessible by even our own web server and traffic.

The anonymous file is then sent to a secure, redundant Cloud location accessible only by authorized Guard-IT personnel. All encryption, movement, storage and access (if needed or required by the escrow agreement) is thoroughly logged and archived.

Once moved to its final archive location, the original encrypted file is deleted from our server.

Further, to maintain this level of security we perform monthly “white-hat" penetration tests on our own systems to ensure the ongoing integrity of the transfer and storage sites. Security updates are scanned daily and applied immediately.