SECURITY

ClinicSoftware.com takes your privacy and data security very seriously. Data Protection Act Registered. Https Security Certificates & Encrypted all connections. Plus Two-Factor Auth App; SMS; Call; Google Authenticator to protect and secure.

All communications with our servers are encrypted with SSL/TLS (Transport Layer Security), the Data Centre is located in Canary Wharf London. 
We follow the latest industry standards and guidelines for protecting our customer's data against unauthorised access.

For improved security we also offer the ability to use two-factor authentication, 
This feature is also implemented by the banks requiring you to use a separate device, an application on your phone or SMS code verification when you log into your bank account. 
When activated even if someone steals your password they cannot access the software without the second authentication mechanism.

We implement two-factor authentication using:

  • TOTP (Time-based One-time Password Algorithm) using the Google Authenticator application on your phone, This method generates an unique code every 30 seconds that has to be entered when you log in. The setup is simple, add the TOTP authentication method from the software and then scan the QR code with your mobile from the Google Authenticator App. After the setup is complete every time you log into the software you will be asked to enter the 6-digit code that refreshes every 30 seconds from your phone into our software in order to validate your login. This method does not require internet connection on your phone.
  • Duo Security (duo.com) integration: Duo Security is a worldwide leader in secure access solutions, It offers a comprehensive security solution allowing users to authenticate with:
    • Duo Push notifications
    • Duo Mobile passcodes
    • Phone callback
    • SMS passcodes
    • U2F tokens (e.g. Yubico)
    • Hardware tokens

You can also set up restrictions on operating systems, disk encryption, tampered devices (e.g. rooted android devices or jail-broken iPhones/iPad), fingerprint recognition and more.

For availability we use cloud VPS servers from our provider with the highest specifications, should one virtual server suffer an outage your data will be instantly transferred to a live machine with no interruption. We use database replication and also back up the databases daily on a separate server.