InMoment

Security Policy

InMoment Security Policy

InMoment takes the security of our clients and the privacy of their customers very seriously. We have put in place technology and policies designed to secure our clients' data and ensure that their client's information is kept safe.

Physical Security
Our servers are hosted at state of the art facilities that deliver a secure and stable environment for our client's data. These facilities provide:

  • 24x7 on-site staff to constantly watch data center conditions including doors and cameras
  • Video Monitoring of facility access
  • Biometric access using two-factor authentication
  • Redundant power backed up by UPS and generator systems
  • Triple-redundant connectivity for maximum availability and bandwidth
  • Environmental control including temperature and humidity
  • SSAE 16, Type 2 Certification

Network Security
Our team of network and system administrators constantly monitors our services using sophisticated monitoring hardware and software available today. We have put in place a set of policies and technologies designed to provide a high level of security, below are some of the highlights.

  • Access control and auditing of access logs
  • 128-bit SSL encryption while data is in-flight between our servers and client's web browsers
  • 256-bit data encryption during storage for sensitive information is available
  • Intrusion detection and prevention hardware and software guards access at the perimeter of our network
  • Encrypted Data Backup is routinely performed to provide minimum data loss in the event of a catastrophic failure

People Processes
Our team is just as vital to our services as the hardware and software is so we have instituted a set of policies and procedures designed to help us deliver a high level of service. These include policies covering client support, disaster recovery, incident reporting, physical facility access, and day-to-day operations.

Business Continuity and Redundancy
InMoment' solution is hosted on sophisticated computer hardware and software components that may fail at some point. We have designed our system to be as resilient and as available as possible, but we cannot guarantee it will be available all the time. The following are some of the elements of our system design:

  • N+1 Redundant hardware components allow for failures with minimal service interruption
  • Redundant internet connectivity through multiple carriers so that internet problems won't get in the way of clients access to our systems
  • Geo located data backup to minimize exposure to disasters
  • Data protection and backup through multiple redundant servers

Client Responsibilities
We expect that our clients do the following:

  • Use the InMoment Services in accordance with their InMoment Service Agreement
  • Because our service allows each client to configure their own password policy, we expect our clients to use industry best practices for their password policy to protect their users' password from compromise
  • Use commercially reasonable efforts to prevent unauthorized access to the InMoment Services
  • Notify us promptly of unauthorized access or use