Data Centers, Security and Compliance

Our public cloud servers are specifically located in AWS Ireland (EU) and Virginia (US).

Using a private cloud would be the equivalent of having Clinked installed on-premise. Private cloud customers can decide on the location of their servers to ensure maximum performance and speed and can restrict access to groups by IP addresses, geographical locations etc. You can find out more here.

Every data center has a tier ranking of 1, 2, 3 or 4. The 1 to 4 tier ranking system is a standardised methodology used to define the guaranteed uptime of a data center.

Clinked data centers are Tier3+. This means that our data centers offer a minimum of 98% availability. With our Enterprise packages, Clinked can also offer an SLA that defines the level of service expected from the service provider and our official commitment.

Clinked uptime status can be followed at http://stats.pingdom.com/hmv2xmdn981b

We go beyond offering bank-grade encryption for Clinked customers. There are additional security measures that you can take in order to enhance your data protection and comply with industry standards. Enterprise customers have IP restrictions as an optional add-on.

• Two-factor authentication – Users require something they know (i.e. password) and something they have (i.e. smartphone) in order to access their account.

• Complex passwords – When your users are setting up their account, you can opt to have them use a combination of letters, numbers and special characters for their password.

• User-based permissions – Each user has set permissions, defined by the account administrator, enabling the relevant viewing or editor rights.

• Audit trail – Account administrators can organise and track user activity and generate CSV reports. User activity includes who has viewed, downloaded, created, updated, deleted and logged in to their account.

• Automatic account lockout – When a user tries to log in to their account and has been unsuccessful after 6 password attempts, his/her account will be locked for 1 hour.

Clinked implements the following security processes and protocols that make it part of a HIPAA compliant solution: encryption for documents in transit and at rest, complete audit trails, automatic log off, controlled logins and granular access to files and folders.

• End-to-end encryption – We use 256 bit SSL in transit and AES encryption at rest.

• Audit trail – Account administrators can organise and track user activity and generate CSV reports. User activity includes who has viewed, downloaded, created, updated, deleted and logged in to their account.

• Automatic log-off – Users are automatically logged out each time they leave your portal, or they can be automatically logged out of their account every 30 days.

• Controlled logins – Implement authenticated logins and Administrators can view the audit trail to see when users have logged in.

• Granular access to files/folders – Administrators have complete control over which members are able to view, edit, download and delete content.

In the months leading up to 25th May 2018 (GDPR enforcement date), Clinked will be researching into the areas of our product and business that will be impacted by GDPR. We are then developing requirements for addressing the impact and preparing to implement the necessary changes. You can find updates on our progress here.