Security - Job Number "One"

Our commitment is to provide you the highest level of security for your information while still allowing you convenience of worldwide Internet access. We take multiple steps to insure  that your information is protected.

• "Master Key" - Each vitalEsafe account has a unique encryption Key which is used to encrypt  data for transmission and storage and to decrypt data when it is received.
  
• Data is encrypted during transmission using 128 bit SSL .  This method is the  standard for secure data delivery over the Internet.
  
• Stored data is encrypted with AES-256 bit encryption. This is a highly secure information algorithm which the US Government has concluded is sufficient to protect classified information up to the TOP SECRET level.
• Our data center is a highly secure facility with connectivity redundancy, uninterruptible power supply (UPS), diesel generators, IP surveillance systems, motion detection and video archiving, card access system, and network monitoring.  The data center is SAS 70 certified and redundant copies of stored data are maintained locally on our shared nothing GlusterFS storage subsystems.
• There are only two TCP/IP ports open on our servers: 443 - Secure Socket Layer for all communication, and 22 - SSH Secure Shell for administration.  All SSH access requires the use of public key authentication (i.e. no password authentication possible) and failed login attempts result in IP address blacklisting.
• Other steps we take include account locking after multiple incorrect login attempts, timed log-off and account access history.