Security of Data Collection

 

      All data transfers and work on Vision Critical software is handled through HTTP connections over SSL.  Server hardening ensures that only secure, high grade encryption can be negotiated by the servers.

 

Vision Critical deploy a multilayered approach to help protect client data from malicious attackers within Sparq. We first ensure that all user interaction with our product "Sparq" occurs over a secure encrypted connections using 128-bit SSL encryption. This method reduces the possibility of an attacker from capturing confidential information over internet connections. Our applications also use 'secure cookies' to prevent malicious attackers from stealing the information within those files. Client information that is exchange between Vision Critical employees occur over secure private networks (VPN) and that emails sent to end users does not expose any personally identifiable information (PII). When a new client comes onboard, only one Panel administrator account is created and assigned to a representative of the client (designated by the client) in Sparq. Only this account will have administrative privileges and the client can use this account to administer and create additional Panel Administrator, Author and Observer accounts and groups as required. Access to Sparq is strictly control by the client's designated administrator but can also be further limited to specific users or groups of their choice. All users of the system (administrators and respondents) are required to log into the system using a unique username/password combination in order to access data. Additionally within Sparq, each client database is encrypted and separated from other client databases to prevent unauthorized or accidental access to confidential information. To further safeguard the confidentially of client data, Vision Critical anonymizes (removal of personally identifiable information) production data before they are transferred.