Information on SkyCiv’s file management and payment security processes
There’s no reason to fear the cloud. Banks and private companies all store data, software and systems online. Technology is ever-evolving to become more safe and secure for users to work online. SkyCiv uses some of the same technology to ensure the safety of our users’ files and personal information. Not totally clear on the cloud? Learn more about the cloud in SkyCiv’s article: “What is the Cloud Exactly?”
SOC2, or the Service Organization Control 2, is a type of audit that assesses the internal controls of a service organization. The purpose of a SOC2 audit is to provide assurance to customers of the service organization that their data is being handled properly and securely. SOC2 compliance ensures organizations comply with various regulations and industry standards. For example, many industries have specific requirements for the handling of sensitive data, and a SOC2 audit can provide evidence that an organization is meeting those requirements.
In order to be SOC 2 compliant, external auditors will assess whether the vendor is compliant based on the following five trust principles based on the vendors systems and processes:
- Process Integrity
SkyCiv is pleased to offer the option of adding two-factor authentication (or multi-factor authentication) to your SkyCiv account. This has been designed to add an extra layer of security to your account, should you require this. Along with your existing username and password, two-factor authentication requires you to input a one-time password into your account when you log in. This means that even if someone managed to obtain your username and password, they still will not be able to access your account.
How To Setup Two Factor Authentication
To enable two-factor authentication (2FA) on your SkyCiv account visit the “Profile and Password” in your account settings Before you set up 2FA you will need to have an installed 2FA App on a camera-capable device like your phone. We recommend the following options:
- Google Authenticator (iOS and Google Play)
- Microsoft Authenticator
After downloading and installing the authentication app of your choice click the blue “Enable 2FA” option at the bottom of the page. From here you will need to complete the following steps:
- Open your Authenticator App and Scan the QR Code (Alternatively use the app key listed underneath instead).
- Record your backup codes in a secure place. These can be used to log in to your account should you lose or cannot access your phone.
- Fill in the field at the bottom of the page with the current code from your authentication app and click “Enable 2FA”.
- Should you wish to reset or remove 2FA from your account under the same Profile and Password settings page
Your account will now be secured by 2FA and you will be required to enter a one-time password from your authenticator app each time you log in:
Where is my credit card stored?
SkyCiv uses third-party merchant Stripe to take payments. These merchants are large companies whose entire business revolve around taking payments and ensuring credit card information remains safe. This is what they do best. SkyCiv will never store your credit card information, but rather passes this information directly (through the same SSL encryption that banks use) to the merchant. You can learn more about Stripe’s security and privacy on this page.
Are my files safe?
SkyCiv stores our users’ files on our secure servers, that can only be accessed by the user and SkyCiv Developers for Customer Support. SkyCiv also has systems in place to protect your information from being accessed by anyone who is not logged in under your account. Some of these systems include 2FA, Platform Encryption, GDPR procedures, SOC2 compliance and regular platform security updates.
SkyCiv also runs automatic backups of our server to ensure your files are kept safe. So if you ever accidentally delete or lose your files, please email us at [email protected] and we can recover them for you! Learn more about our Record Keeping.
Like all quality web services, data sent to and from SkyCiv servers is encrypted with 256-bit encryption using TLS/SSL. SkyCiv scores an “A” rating on Qualys SSL Labs‘ testing so that you can be sure the data you send to and from SkyCiv is secured. In human terms – it would take an incredibly powerful (quantum) computer about 2,610,000,000,000 years to crack this encryption.
What other security measures do you take?
In order to protect your Personal Data held with us and our Service Providers, we are using industry-standard physical, procedural and electronic measures as appropriate. Some of these include; using SSL certificate encryption, only using servers that are SOC1 and SOC2 compliant, using password encryption and the latest bot-detection software. As mentioned we also offer 2FA for account protection.