System Security and Offsite Data Backups
Rentec Direct is very diligent about ensuring the privacy of your data. A brief non-technical description can be found on our FAQ. Here however is a more technical explanation.
- TLS (Transport Layer Security) & SSL (Secure Socket Layer) - All communication between your computer and our servers is encapsulated within a 256-bit or better encryption layer. This is the same grade encryption used by all major banks for internet transactions and is extremely secure. For more details on TLS and SSL, see this article.
- Additional Encryption - For sensitive data such as payment information or information classified as private or personal, we add a 2nd layer of encryption even when such data is transmitted internally between servers. In the highly unlikely event the TLS layer was decoded, this second layer of security makes it all but impossible for the data to be reconstructed given today's technology. This level of security extends in many cases well beyond best-practices encouraged by the security community.
- Security Best Practices - Our team specializes in programming security, and takes security as a major consideration with every new feature we add into the software. All common programming vulnerabilities are addressed, and re-checked by seasoned programmers, then re-checked by a 3rd party. New code is then "sandboxed" into a private environment that then undergoes even more functionality, bug, and security testing prior to ever being deployed onto the live servers. One example of the security embedded into Rentec Direct is transaction level security. This transaction level security goes further than most software platforms and verifies the permission of the user every single step of the way whether it be adding a transaction, editing one, or editing a tenant or property. To be able to view or edit any data within the system, a process always runs to verify the particular user has permission.
- Storage Security - Payment, personal, and private data is all encrypted prior to storage within a database. This is considered a best practice and also required by the payment industry. This means that these classifications of data are encrypted via high-grade encryption prior to being written to disk. This prevents any physical access to the data in the event of a physical theft from within our data center.
- Manual and Automated Review of Access - All access to the system is monitored by automated means and also reviewed by human beings. This dual-level of access review helps ensure security issues outside of our control such as brute-force attempts are dealt with immediately.
- Third Party Scanning - The banking industry subscribes to a standard called PCI-DSS or Payment Card Industry Data Security Standard. This standard is very strict and not only requires internal audits but requires external verification and external scanning of systems. Rentec Direct employs the same scanning agencies used by banks and other highly sensitive data projects to routinely scan our servers, web sites, and networks to verify we meet their standards and that no vulnerabilities exist in our systems.
- Offsite Backups - We utilize a content delivery network (CDN) from Cloudflare, which serves your data from the closest Amazon data center to you. This is not so much a layer of "security" but a layer of safety in knowing that your data is being maintained to the highest of standards. Even in a worst-case scenario and a meteor wiped out one of the data centers, operations are quickly restored using one of the other 165+ data center locations.
- Experience - Our staff involved in development have been doing development for web based and internet enabled applications since 1996. The public "web" surfaced in 1994, which means our staff has been involved in development of applications which must remain secure on the internet almost the entire lifespan of the public internet. Our in-house experience lends to a more secure, faster, and more usable product.
Between the security measures listed above, and numerous other security mechanisms we have in place, the data stored within our servers is very secure. Because your access credentials are a layer of security in themselves and are up to you to define, please also be sure you are selecting a password which would be difficult for others to guess. Here's a basic guideline of what is considered a strong password.
- Your password should be a minimum of 8 characters, and longer is even better.
- Your password should contain lower and upper-case letters along with one special character or number. If you can mix all 4 character types into your password that is even better.
- Your password should be easy for you to remember, but hard for others to guess.
- Your password should be stored securely. Best case it should be only in your head if you can remember it, or written down and locked up if you cannot remember it. Never store your password in plain-text on your computer.
- Your password should not be the same as your email service password.
Two factor authentication is an additional layer of protection for your data. When you login, you will be prompted for a code which will be sent to you via SMS (text message).