Personally Identifiable Information is not required to be collected from apps employing the Information Machine API. Our API identifies users through a unique identifier created by the app to represent a user.
Information Machine API Services are “read only”. No transactions can be made with a user’s account credentials.
Key components of our security include:
Data and Password Encryption
Password and account data are stored and transmitted in an encrypted format at all times. All data is securely housed in an Internet server hosting facility that provides enhanced physical security, fire protection and electronic shielding. Iamdata.co employs DigiCert certificates for Secure Socket Layer (SSL) connections. Click on the lock icon in your browser’s status bar to learn more.
Network Intrusion Detection Systems
Network-based IDS (intrusion detection system) provides 24×7 network monitoring and alerts security personnel to any external attacks on the network.
Physical Security Measures
Information Machine infrastructure is hosted within the Microsoft Azure Cloud. Security personnel are physically present at these sites 24x7. Access to servers requires multiple levels of authentication, including biometrics (hand print scan) procedures.
Rigorous Audits and Inspections
The security infrastructure is regularly audited and inspected by industry-leading third party auditors and security experts. Annual external audits for PCI DSS, SOX and HIPAA compliance, as well as internal assessments take place throughout the year. Our hosting environment has obtained ISO/IEC 27001:2005 certification and SAS 70 Type 1 and II attestations.