Keeping your Data secure with UNIQUEDOC Security
Data security is everyone’s concern but it’s our business to make sure your data is secure and always remains under your control, and your control only.
Data storage and transfer
UNIQUEDOC’s back-end is made up of encrypted file storage, session traversal and signalling chat and media streaming servers. There are several multi-core 64bit cutting-edge Ubuntu Linux servers in different geographical locations using Apache HTTP, NGINX proxy, MySQL and MongoDB databases, ReactJS, NodeJS and PHP stacks organised in a resilient cluster. UNIQUEDOC has developed a custom PHP framework optimised for dynamic content loading and unique security analytics. On the front-end the web app includes chat integration. We also have iOS and Android apps for improved user experience.
UNIQUEDOC is registered in the UK with the Information Commissioner’s Office (ICO). The ICO is the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. The ICO enforces and oversees the following legislation: Data Protection Act 1998; Freedom of Information Act 2000; Privacy and Electronic Communications Regulations 2003; Environmental Information Regulations 2004; INSPIRE Regulations 2009.
Encrypted file storage
UNIQUEDOC uses Encrypted file storage for content uploaded through the website portal and via mobile devices. This file storage is kept separately from web servers and databases. It is organised across a number of data servers with active mirroring in place for backup purposes. All files being transferred from or to the storage are encrypted with an AES-256 cipher. Keys are also stored separately.
Security is all in the detail!
What is an SHA?
An SHA (secure hash algorithm) is the most common hash algorithm in use. There are currently two different SHA algorithms, both are a one-way encryption and are irreversible. To keep your data safe we use SHA-512. UNIQUEDOC also uses a 512-bit 3rd generation Whirlpool algorithm and RIPEMD-320 developed by a European consortium, which are cryptographic hash functions of strongest encryption level.
What does AES-256 mean?
AES (advanced encryption standard) is a symmetric key algorithm which means that the ‘key’ used to encrypt the data is the same key that unlocks this data when received. What is a 2048-bit? It’s a certificate that is considered an industry standard and was made mandatory for all internet websites in January 2014. The certificate helps protect websites against hackers that are posing as legitimate internet websites and against malicious viruses on public WiFi hotspots.
What does double and triple encryption mean?
When we talk about double encryption we are speaking about your data as it is at-rest and in transit. Triple encryption refers to any data put into your Secure Vault which has the added security of a password set up by the user (unknown to us and irreversible).
What does it mean to be protected ‘at-rest’?
Data at-rest means any data that is inactive and stored in digital form. This could mean any data stored on servers, databases or on a cloud. Data at-rest is double-encrypted and is never stored on your mobile device.
What does it mean to be protected ‘in-transit’?
Data in-transit or in motion is any data that is being transferred from one device to another. UNIQUEDOC’s in-transit data is secured through a double encryption process which means that as your data is sent from one device to another there are two levels of security that surround this data; making it more difficult for would-be hackers to intercept these messages.
How secure are the cryptographic algorithms on the UNIQUEDOC app and website?
They are considered the best in the industry and are the same ones currently used by governmental and military organisations around the world.
Can anyone access the servers?
No one apart from our super administrators have access to the UNIQUEDOC servers. Moreover, these super administrators do not have access to anything stored in your Secure Vault, Cloud and cannot see passwords or PIN numbers.
Can anyone enter my Secure Vault?
No one, including super administrators have access to your Secure Vault. An extra layer of security has been added to the Secure Vault where the user chooses their own password. Should the user lose or forget this password all contents of the Secure Vault will be lost. It should be noted that while this information is stored on the UNIQUEDOC servers no one is able to enter the hard drives where this information is stored.
UNIQUEDOC is secure 24–7–365
UNIQUEDOC protects you against vulnerabilities like Heartbleed with constant updates and monitoring of the technical state of our hardware, checking our servers to ensure there have been no security breaches, and have employed a third party security company to check for weaknesses in our security system.
Security questions or issues?
If you have any questions about UNIQUEDOC security and collaboration solutions, please get in touch with our team.