Architectured from the ground up to ensure the highest level of security for your data. Our code is OWASP compliant and reviewed regularly.
We audit all actions performed within Injury Master and everything that occurs on our servers. Server audit information is sent back to our central auditing suite.
In the case of a major outage Injury Master will fail over to servers at a remote datacentre. Failover is performed manually within an hour once the nature of the outage has been determined, making our Recovery Time Objective (RTO) 1 hour.
We continually stream your data to our failover servers and take full database backups each hour, making our Recovery Point Objective (RPO) at best ~1 second and at worst 1 hour.
We use third parties to perform regular pentetration tests of Injury Master and our server infrastructure. If they happen to find anything, we fix the issues immediately.
We use Secure Sockets Layer (SSL) for all communication with Injury Master and inter-server communication. All documents and data backups are encrypted at rest using AES-256 encryption.
We will only ever operate in Australian Datacentres which have at minimum N+1 redundancy and are certified to ISO 27001, SOC 1 Type II and SOC 2 Type II.
All your data, including backups, are kept within Australia. We will never store your data overseas.
Access to all our servers is firewalled with only public services being made accessible.