Security Statement |
Overview |
|
|
PsychData provides superior online research services to the social science community. A critical component of this goal is ensuring the security of each researcher’s data. PsychData is specifically designed to meet and exceed industry standards for Internet security as well as IRB standards for the protection of research participants. Our servers, database, and web presence employ multiple forms of enterprise-level security features to accomplish these goals. Interested parties will find the details of our security statement below. We actively foster an open dialogue with interested parties in order to continuously improve our services.
|
Server Infrastructure |
|
|
Our servers are housed in a secure data facility and are monitored 24 hours-per-day and 7 days-per-week by network operations personnel for all aspects of operational security. Biometric/intrusion sensors, card readers, personal identification numbers, and environmental sensors are used to ensure server integrity and safety. Redundant HVAC systems ensure an optimized operational environment. Server power is provided by a redundant, multi-stage, uninterruptible system. Even in the event of a catastrophic commercial power failure, diesel generators seamlessly provide backup power. A redundant, high-bandwidth, private transport network provides connectivity between our servers and the world. The local fiber connectivity is redundant with three fiber rings with dual entry points from Optical Carrier-12 (OC-12) hardware. This network has demonstrated 99.999% availability, which means that the network will be down no more than 5 minutes in one year.
|
Enterprise-Level Database Architecture |
|
|
PsychData utilizes a robust, centralized, and enterprise-level SQL Server database that is easily capable of handling millions of records and multiple concurrent users. All database transactions utilize TSQL stored procedures for increased database security and efficiency. In addition, our database has been carefully constructed to achieve architecture efficiency and conforms to the Second Normal Form (2NF).
|
Server Operating System |
|
|
All servers must use some form of software "platform" in order to operate.
PsychData servers are powered by Windows Server 2003 and utilize Internet Information Services (IIS) 6.0.
Microsoft Windows Server 2003 is considered to be as secure or more secure than Apache and Linux/Unix platforms.
Our servers are professionally administered, updated with the latest security patches and closely monitored at all times.
|
Secure Socket Layer (SSL) 128-bit Encryption |
|
|
In order to protect data and other sensitive information during transit from our web pages to our database, we utilize Secure Socket Layer (SSL) 128-bit encryption technology. For many years, Internet-based credit card transactions have been successfully protected by SSL, which utilizes state-of-the art SSL encryption algorithms. Data is encrypted at the instant that a user submits it and can only be decoded by the target server. PsychData has been granted an SSL certificate from VeriSign, the industry leader in SSL technology.
|
Code Base |
|
|
All websites are dependent on the "code base", or programming, which actually runs the site. PsychData provides additional levels of security to our users through our carefully scripted Active Server Pages (ASP) code base. Our logic-routines are server-side and all transactions are first verified for authenticity against database records. Forms (i.e., surveys) are processed using both client-side form validation for user convenience, and server-side validation for purposes of security and data integrity. Our code-base offers substantial protection to our users (and to their data) against attempted abuse. Additionally, we have developed our unique Secure Survey Environment (SSE) that offers a host of additional safeguards to ensure precise data integrity during survey participation. Indeed, SSE makes it possible to separate identifying information from your research data at the point it is submitted, making PsychData significantly more confidential than paper-and-pencil research methods.
|
Summary |
|
PsychData has been carefully designed to provide superior online research services to the social science community in a secure setting. The security of our systems and our member’s data is our top priority. If you have a question or concern about the safety of online research, we encourage you to contact us to find out more.
|
Library
