We take information security seriously.
DQUBE Solutions have information security policies in place to support the sensitive nature of our operations. Every policy is supported by an implementation strategy including resourcing, communicating, monitoring of performance and compliance. These policies are aligned with IT industry best practice, the Australian Signals Directorate’s Essential Eight, and the Australian Market & Social Research Society’s Information Security Handbook.
All our communications over the Internet use Secure Socket Layer (SSL) and the strongest encryption available. This includes our web servers, application servers and the online survey systems we use. SSL protects and encrypts all data sent between survey respondents’ web browser and the online survey system.
DQUBE Solutions destroys all survey information, including survey instrument, respondent information and survey responses, within 30 days of completion of data collection unless at the written request of the commissioning client.
All files used for fieldwork are secured using proven AES256 end-to-end encryption. This encryption is automatic and happens without our staff or clients even noticing it. When required, we recommend all passwords generated for fieldwork purposes be least 12 characters in length and must meet complexity requirements. Any password and authentication information is never stored in a readable format.
In addition, our file storage system have digital rights management to audit access and maximise file control. The data centers used for file storage and file transfer with clients are located in Australia and are compliant with ISO27001 and SSAE1 standards.
We ensure operating system and application software we use are always up to date with the latest patches, and deploy security software of the highest standards to defend against viruses, spyware, malware and other online threats. Security software capability and virus definitions are updated regularly to ensure the latest security protection is readily available. This protection covers all devices used by our staff – desktops, laptops, tablets and smartphones.
We maintain secured on-site and off-site backups for all business criteria information, and have version recovery capability of up to 10 versions of all files used for fieldwork.
DQUBE Solutions maintains an Enterprise Public Key Infrastructure (EPKI) system to issue and manage digital certificates for our staff. Hence, email communications with staff can be digitally signed and secured using S/MIME when clients use a compatible email application. This provides an additional level of authenticity and integrity to our email communications, and ensures it is not tampered accidentally or deliberately while en route. Achieved via key exchange, digital certificates also allow us to encrypt email communications so that it may only be read and understood by the intended sender and receiver.