Data security

Every effort is made to ensure your data is secure and there when you need it

Built with Security in Mind Built with Security in Mind

Architectured from the ground up to ensure the highest level of security for your data. Our code is OWASP compliant and reviewed regularly.

Auditing Auditing

We audit all actions performed within Injury Master and everything that occurs on our servers. Server audit information is sent back to our central auditing suite.

Warm Failover Warm Failover

In the case of a major outage Injury Master will fail over to servers at a remote datacentre. Failover is performed manually within an hour once the nature of the outage has been determined, making our Recovery Time Objective (RTO) 1 hour.

Disaster Recovery Disaster Recovery

We continually stream your data to our failover servers and take full database backups each hour, making our Recovery Point Objective (RPO) at best ~1 second and at worst 1 hour.

Penetration Testing Penetration Testing

We use third parties to perform regular pentetration tests of Injury Master and our server infrastructure. If they happen to find anything, we fix the issues immediately.

Encryption Encryption

We use Secure Sockets Layer (SSL) for all communication with Injury Master and inter-server communication. All documents and data backups are encrypted at rest using AES-256 encryption.

Datacentres Datacentres

We will only ever operate in Australian Datacentres which have at minimum N+1 redundancy and are certified to ISO 27001, SOC 1 Type II and SOC 2 Type II.

Stored Within Australia Stored Within Australia

All your data, including backups, are kept within Australia. We will never store your data overseas.

Firewalls Firewalls

Access to all our servers is firewalled with only public services being made accessible.