We have recently received some questions about how we protect the privacy and integrity of the data of those who use Time Doctor. Here you will find further information about the security measures we have implemented in order to demonstrate our deep commitment to keeping all the data our clients have entrusted to the Time Doctor system safe and secure.
Whether you are uploading task changes, recording time worked, transmitting screenshots, or doing anything else that involves communication between your browser and/or the Time Doctor desktop application and our servers, you can rest assured that your data is always safe from interception or compromise.
How do we keep your information secure?
We have implemented the industry standard used by millions of websites to protect online transactions with their customers, known as SSL (Secure Sockets Layer) encryption.
SSL is the global industry standard security technology for establishing an encrypted (coded) link between a web server and a browser.
To know that the connection is secure, make sure that you see the lock symbol when sending sensitive information over the internet.
A Short Introduction to SSL
"Web servers and browsers use the Secure Sockets Layer (SSL) protocol to create a unique, encrypted channel for private communications over the public Internet. Each SSL Certificate consists of a public key (used to encrypt information ) and a private key (used to decipher it)."
When you use Time Doctor, a level of encryption is established between your Time Doctor desktop application and/or web browser and our remote servers.
Encryption means that your data is put into a code format to make it meaningless to anyone who cannot decode it. We all know that codes can be broken, though, so how can you trust that the SSL coding we use is strong enough to make sure that no one can break it? Read on to find out.
The Details for the Encrypted Connection That Time Doctor Uses
The connection to this site is encrypted and authenticated using TLS 1.2 (a strong protocol), ECDHE_RSA with P-256 (a strong key exchange), and AES_256_GCM (a strong cipher).
NOTE: Any site that uses SSL certificates has a little padlock in the address bar. You can click on this padlock to get the SSL certificate information.
Can this code be broken? To understand how strong the 256-bit level of security is, any type of encryption higher than 128-bit is strong encryption. 128 bits is over one trillion multiplied by one trillion times more secure than 40-bit encryption.
In practical terms, what this means is that at current computing speeds, a hacker with the time, tools, and motivation to attack using brute force would need over a trillion years to break into a session protected by a strong encryption certificate.
If you do further research into cryptography and encoding, you will find that strong encryption is a standard of coding that cannot be broken using any known type of computer or within a reasonable amount of time.
This is why SSL is the security standard used around the world by bank and credit card websites, e-commerce sites, and, in fact, by any site or company who demands the most secure form of protected communication to keep their users’ personal and financial information safe.
So, you can be fully confident about the security of your data thanks to Time Doctor's implementation and use of 256-bit strong encryption SSL certificates.
When it comes to your data on the Time Doctor servers, rest assured that all the information, logs, and data you have entrusted to us are also safe. All of our files and databases are protected with secure file encryption standards and algorithms.
Additionally, all of Time Doctor's servers are in data centers that are monitored 24/7 and maintained with industry standard security protocols. They have special intrusion detection systems to completely block any malicious connections or attempts to hack into the system.
We hope you will agree that Time Doctor is completely committed to the safety and privacy of your data. We have made and will continue to make every effort to ensure that we are worthy of the trust you have placed in our company with your valuable time, resources, and money.
Please contact us at firstname.lastname@example.org if you have any other questions regarding the security measures and protocols we use to protect our customers’ data.