Time Doctor Protects Your Data
We work towards improving our security every single day at Time Doctor. To do so properly, we follow the best security practices. These include:
- - Encrypted data transfer (HTTPS)
- - Email verification
- - A strong password management policy
- - Internal system logging
- - Network and overall infrastructure security
- - Physical security
- - Two-factor authentication (2fa)
External Audits and Security
At Time Doctor, we do our best to provide the best security to our customers. Because of that, we integrate and work with external companies that help us to carry out regular penetration testing, patching, and security audits to identify any possible issues and resolve them within a short period of time.
Time Doctor is working with an external penetration testing partner - NetSparker for regular weekly / monthly security scans and penetration testing which guarantees the highest possible level of security.
Backups and Reliability
Our backups are done on a daily basis, which guarantees consistency and a quick reaction from our side in case data restoration is needed.
In case of a data breach, we have a procedure in place that dictates how and when to make a responsible disclosure to the affected parties, with the first communication occurring within 72 hours of our becoming aware of the incident.
Software Development Security
Time Doctor uses a Git version control system. Changes to Time Doctor’s code base go through a suite of automated tests before being reviewed and sent through a round of manual testing. When code changes pass through the automated testing system, they are first pushed to a staging environment where timedoctor.com employees test the changes before they’re pushed to our production servers. Changes that are critical, due to security or for other reasons, are fast-tracked to production while still being tested thoroughly.
Confidentiality & Employee Access
We strictly regulate our employees’ access to the data you and your users store with timedoctor.com. Access is limited to those few employees who need it for troubleshooting or support.
No timedoctor.com employees ever access customer accounts unless required for troubleshooting or support. When working on a support issue, we do our best to respect your privacy as much as possible and only access the files and settings needed to resolve your issue.
Screenshots are an optional Time Doctor feature. If activated, the screenshots feature will take and store screenshots of your employees’ monitors at the time interval that you specify.
If you use the screenshots feature, you can rest assured that the screenshots and all other data are stored securely. All communication to the server is secured by SSL encryption. Files on the server are encrypted to provide an extra level of security for company data. The servers are located in secure enterprise data center facilities with 24/7 monitoring and hosting support.
Billing Information Protection
When you sign up for a paid account on Time Doctor, we do not store any of your credit card information.
All credit card transactions are processed using Stripe’s secure encryption, which is the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI-compliant network.