Data Centers, Security and Compliance

Clinked provides maximum protection for your files and communication.

We take the security of your data seriously at Clinked. Your data will be protected to the highest possible level with bank-grade security, encrypted backups and additional security measures such as two-factor authentication, complex passwords and controlled user-based permissions.

DATA CENTERS

With Clinked, you can choose to host your solution in either a public cloud or a private cloud. If you’re interested in deploying your solution in a private cloud, you can get in touch here to discuss your requirements.

PUBLIC CLOUD SERVERS

Our public cloud servers are specifically located in AWS Ireland (EU) and Virginia (US).

PRIVATE CLOUD SERVERS

Using a private cloud would be the equivalent of having Clinked installed on-premise. Private cloud customers can decide on the location of their servers to ensure maximum performance and speed and can restrict access to groups by IP addresses, geographical locations etc. You can find out more here.

DATA HOSTING TIERS

Every data center has a tier ranking of 1, 2, 3 or 4. The 1 to 4 tier ranking system is a standardised methodology used to define the guaranteed uptime of a data center.

Clinked data centers are Tier3+. This means that our data centers offer a minimum of 98% availability. With our Enterprise packages, Clinked can also offer an SLA that defines the level of service expected from the service provider and our official commitment.

Clinked uptime status can be followed at http://stats.pingdom.com/hmv2xmdn981b

SECURITY

For data transfers and storage, Clinked uses end-to-end encryption, with 256 bit SSL in transit and AES encryption at rest — the same level of encryption you find with banks. Clinked also supports TLS 1.2 for all communication.

PERMISSIONS AND AUTHENTICATION

We go beyond offering bank-grade encryption for Clinked customers. There are additional security measures that you can take in order to enhance your data protection and comply with industry standards. Enterprise customers have IP restrictions as an optional add-on.

  • Two-factor authentication – Users require something they know (i.e. password) and something they have (i.e. smartphone) in order to access their account.
  • Complex passwords – When your users are setting up their account, you can opt to have them use a combination of letters, numbers and special characters for their password.
  • User-based permissions – Each user has set permissions, defined by the account administrator, enabling the relevant viewing or editor rights.
  • Audit trail – Account administrators can organise and track user activity and generate CSV reports. User activity includes who has viewed, downloaded, created, updated, deleted and logged in to their account.
  • Automatic account lockout – When a user tries to log in to their account and has been unsuccessful after 6 password attempts, his/her account will be locked for 1 hour.

COMPLIANCE

Clinked uses Amazon Web Services (AWS) for hosting its data centres for public cloud solutions, which are ISO 27001, SAS70, PCI certified, HIPAA compliant and comply with US federal government customer requirements by being FISMA and FIPs certified.

HIPAA COMPLIANT

Clinked implements the following security processes and protocols that make it part of a HIPAA compliant solution: encryption for documents in transit and at rest, complete audit trails, automatic log off, controlled logins and granular access to files and folders.

  • Audit trail – Account administrators can organise and track user activity and generate CSV reports. User activity includes who has viewed, downloaded, created, updated, deleted and logged in to their account.
  • Automatic log-off – Users are automatically logged out each time they leave your portal, or they can be automatically logged out of their account every 30 days.
  • Controlled logins – Implement authenticated logins and Administrators can view the audit trail to see when users have logged in.

GDPR

In the months leading up to 25th May 2018 (GDPR enforcement date), Clinked will be researching into the areas of our product and business that will be impacted by GDPR. We are then developing requirements for addressing the impact and preparing to implement the necessary changes. You can find updates on our progress here.

READY TO GET STARTED?