Secure

We take our responsibility to protect and secure your information seriously and strive for complete transparency around our security practices detailed below. Our Privacy Notice also further details the ways we handle your data.

Access Control

Access to Choiceform technology resources is only permitted through secure connectivity (e.g., VPN, SSH) and requires multi-factor authentication. Our production password policy requires complexity, expiration, and lockout and disallows reuse. Choiceform grants access on a need to know on the basis of least privilege rules, reviews permissions quarterly, and revokes access immediately after employee termination.

Security Policies

Choiceform maintains and regularly reviews and updates its information security policies, at least on an annual basis. Employees must acknowledge policies on an annual basis and undergo additional training pertaining to job function. Training is designed to adhere to all specifications and regulations applicable to Choiceform.

Personnel

Choiceform conducts background screening at the time of hire (to the extent permitted or facilitated by applicable laws and countries). In addition, Choiceform communicates its information security policies to all personnel (who must acknowledge this) and requires new employees to sign non-disclosure agreements, and provides ongoing privacy and security training.

Vulnerability Management and Penetration Tests

Choiceform maintains a documented vulnerability management program which includes periodic scans, identification, and remediation of security vulnerabilities on servers, workstations, network equipment, and applications. All networks, including test and production environments, are regularly scanned using trusted third party vendors. Critical patches are applied to servers on a priority basis and as appropriate for all other patches.

We also conduct regular internal and external penetration tests and remediate according to severity for any results found.

Encryption

Choiceform encrypts all data at rest in our data centres using AES 256 based encryption. Additionally, Choiceform encrypts all data in motion using (i) RSA with 2048 bit key length based certificates generated via a public Certificate Authority, for communications with entities outside Choiceform’s data centres, and (ii) RSA 256 certificates generated via Internal Certificate Authority, for all the data within the data centre.

How Do I Get Started?

Ready to find out more about how Choiceform can help drive your business forward? Tell us a bit about your company and we’ll show you how you can use Choiceform to design and improve the experiences you deliver across your organization.

Request a Demo

By providing this information, you agree that we may process your personal data in accordance with our Privacy Statement