Security

Datagain ensures security of all documents and data during all stages of every project. Some of the security measures include the following:

Document Security
Original client source documents are never used by our data entry operators. All documents are first scanned using high-speed document scanners, and then data is either extracted using text recognition methodologies or is keyed from scanned images. As required, we utilize the services of a certified document destruction firm to dispose of client source documents to ensure total document security.

Server Security 
Datagain uses Amazon Web Services (AWS) that delivers a highly scalable cloud computing platform with high availability and dependability, and the flexibility. In order to provide end-to-end security and end-to-end privacy, AWS builds services in accordance with security best practices, provides appropriate security features in those services, and documents how to use those features.
At a high level, AWS has the following approach to secure the AWS infrastructure:

  • Certifications and Accreditations. AWS has in the past successfully completed multiple SAS70 Type II audits, and as of September 30, 2011 publishes a Service Organization Controls 1 (SOC 1) report, published under both the SSAE 16 and the ISAE 3402 professional standards. In addition, AWS has achieved ISO 27001 certification, has been successfully validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS), and has received FISMA-Moderate Authority to Operate. AWS continues to obtain the appropriate security certifications and conduct audits to demonstrate the security of their infrastructure and services.
  • Physical Security. Amazon has many years of experience in designing, constructing, and operating large-scale data centers. AWS infrastructure is housed in Amazon-controlled data centers throughout the world. Only those within Amazon who have a legitimate business need to have such information know the actual location of these data centers, and the data centers themselves are secured with a variety of physical controls to prevent unauthorized access.
  • Secure Services. Each of the services within the AWS cloud is architected to be secure and contains a number of capabilities that restrict unauthorized access or usage without sacrificing the flexibility that customers demand.
  • Data Privacy. AWS enables users to encrypt their personal or business data within the AWS cloud and publishes backup and redundancy procedures for services so that customers can gain greater understanding of how their data flows throughout AWS.

Storage Security and Backup Recovery
Datagain uses Amazon Simple Storage Service (S3) that delivers high level of data security and protection.

  • Security: Only the bucket and object owners originally have access to Amazon S3 resources they create. Amazon S3 supports user authentication to control access to data.
  • Durability. Amazon S3 is designed to provide 99.999999999% durability of objects over a given year. This durability level corresponds to an average annual expected loss of 0.000000001% of objects. For example, if you store 10,000 objects with Amazon S3, you can on average expect to incur a loss of a single object once every 10,000,000 years. In addition, Amazon S3 is designed to sustain the concurrent loss of data in two facilities.