Time Doctor's data security and privacy measures
We have received some questions recently about how we protect the privacy and integrity of the data of those who use Time Doctor. Here you will find further information about the security measures we have implemented in order to demonstrate that we are deeply committed to keeping safe and secure all of the data our clients have entrusted to the Time Doctor system.
Whether you are uploading task changes, recording time worked, transmitting screenshots or anything else that involves communication between your browser and/or the Time Doctor desktop application and our servers, you can be reassured that your data is always safe from interception or compromise.
How do we keep the information secure? We have implemented the industry standard that is used by millions of websites in the protection of their online transactions with their customers, known as SSL (Secure Sockets Layer) encryption.
SSL is the global industry standard security technology for establishing an encrypted (coded) link between a web server and a browser:
Make sure you see this symbol when sending sensitive information over the internet
Here is a short explanation about SSL:
"Web servers and browsers use the Secure Sockets Layer (SSL) protocol to create a unique, encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a public key (used to encrypt information ) and a private key (used to decipher it)."
When you use Time Doctor, a level of encryption is established between your Time Doctor desktop application and/or web browser and our remote servers.
Encryption means that your data is put into code form so that it is meaningless to anyone who cannot decode it. We all know codes can be broken though, so how do you know the type of coding we use (SSL) is strong enough to make sure no one can break it? Read on and find out:
Here is the details about the encrypted connection Time Doctor uses:
"Your connection to gw.timedoctor.com is encrypted with 256-bit encryption. The connection is encrypted using AES_256_CBC, with SHA1 for message authentication and DHE_RSA as the key exchange mechanism."
(Any site that uses SSL certificates has a little padlock in the address bar. You can click on this to get the SSL certificate information.)
Can this code be broken? Just so you understand how strong the 256-bit level of security is, any type of encryption higher than 128-bit is called "strong encryption" which, at 128 bits, is over one trillion multiplied by one trillion times more secure than 40-bit encryption.
In practical terms, what this means is that at current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would need over a trillion years to break into a session protected by a "strong encryption" certificate.
If you do further research regarding cryptography and encoding, you will find that "strong encryption" represents a standard of coding that cannot be broken using any known type of computer or reasonable amount of time.
This is why SSL is a security standard used around the world by bank and credit card websites, e-commerce sites, in fact, any site or company who demands the most secure forms of protected communication to keep people's personal and financial information safe.
So you can be fully confident about the security of your data because of Time Doctor's implementation and use of 256-bit "strong encryption" SSL Certificates.
Then when it comes to your data on the Time Doctor servers, rest assured all of the information, logs and data you have entrusted to us are also safe. The files and databases are protected with secure file encryption standards and algorithms.
Additionally, all of Time Doctor's servers are in data centers monitored 24/7 and maintained with industry standard security protocols that have special intrusion detection systems to completely block any malicious connections or attempts to hack into the system.
We hope you will agree that Time Doctor is totally committed to the safety and privacy of your data and has made and will continue to make every effort to ensure that we are worthy of the trust you have placed in our company with your valuable time, resources and money.
Please contact us at firstname.lastname@example.org if you have any other questions regarding the security measures and protocols we use to protect our customer's data.
For questions, comments or feedback regarding this topic, please send an email to email@example.com.