Privacy Policy
ApplicantOne respects the privacy interests of all clients, employees and job applicants. We are committed to protecting any information provided to ApplicantOne. We follow industry best practices to safeguard personal information by securing our methods of data transmission and storage.
Security is a high priority and is an integral part of our system. Attention is given to high publicity threats such as viruses, denial of service attacks and other malicious activities over the Internet, as well as to maintaining the integrity and confidentiality of sensitive application data such as credit reports, social security numbers, and other identifying information. ApplicantOne’s development staff uses industry-leading technology to secure the system and its operating environment, including client authentication (password-controlled access), Secure Sockets Layer (SSL) protocol, 128 bit data encryption, public-private key pair, firewalls, intrusion detection, filtering routers, and data backups. Each component acts as a layer of protection to safeguard information from unauthorized users, deliberate malfeasance, and inadvertent loss.
Client Authentication – All access to the system is authenticated by username/password and sensitive information is available only to key personnel. Under no circumstances do unauthorized persons have access to personal information. User IDs and passwords are deactivated immediately upon termination or change of job assignment. Password-controlled access requires clients to authenticate through a private login ID and password before entering the system. After authenticating to the system, sessions that remain inactive for a period of time are expired, requiring the client to re-authenticate before continuing. Passwords are protected in the system using sophisticated hashing schemes, never shared, and combine with a Secure Sockets Layer (SSL) protocol transport layer to protect against eavesdropping, server impersonation, and stream tampering.
Passwords must be reset at least every 45 days and must conform to the following best practices:
- Minimum 8 characters in length
- Mix of alpha, numeric and special characters
- No re-use of a password for 6 months
- No automatic scripting of passwords
In addition, any devices/systems used to obtain information services are to be turned off and locked after normal business hours when unattended by key personnel.
IP Restrictions – System access can be further restricted at the group or user level by IP address or IP range. Any attempt to authenticate to the system from a client machine outside of the configured IP address or IP range will be rejected.
Encryption – All transactions are performed in a secured environment. All transmission via ApplicantOne’s system uses the Secure Sockets Layer (SSL) protocol with 128-bit encryption. The data travels encrypted and can only be decrypted with a public and private key pair.
Firewalls, Intrusions Detection and Filtering Routers – ApplicantOne’s servers are protected by firewalls, intrusion detection, and filtering routers which verify the source and destination of the request traveling in information packets. The routers and firewalls are configured to reject any unauthorized traffic. The system uses network devices that only allow permitted traffic through the devices. Routers keep out traffic that does not emanate from either end of the secured session.
Physical Security – The servers are hosted at a state-of-the-art facility that is staffed on-site 24/7 to provide an immediate response to any incident. Access to the facility is restricted to authorized personnel and is secured by both password-protected keypads and biometric scans. Door, glass, and motion events at the facility are digitally recorded and archived, as well as observed live by facility staff for any suspicious activity. UPS systems and a 500-kilowatt diesel generator ensure electrical service to the facility. Multiple fiber providers provide Internet connectivity with diversified entry points into the facility. The cooling system incorporates redundant components, excess capacity, and high-efficiency technologies to maintain an optimal operating environment for the servers.
Employees - All ApplicantOne employees must pass a thorough background check and confirm a confidentiality agreement as a requirement of their hiring process. They are comprehensively screened and trained to ensure that all information is handled responsibly and in accordance with our privacy policy. It is a requirement that all ApplicantOne employees take precautions to secure any system or device that has access to personal information.
PPI (Consumer Information) - Personal information is processed only with the consumer’s knowledge and authorization. Only information that is actually needed is collected and processed. Personal information is protected from unauthorized or accidental disclosure and is only seen by those persons who need it to perform their job to provide the products and services authorized by you. Personal information is retained only as long as is required by law.
Data Integrity – Servers are configured with mirrored hard drives to provide real-time, fail over redundancy. Additionally, nightly backups of data are scheduled, with archives removed weekly to an offsite location for additionally redundancy.
User Responsibility – Users are expected to guard their password carefully and to not share it with or disclose it to anyone, for any reason. ApplicantOne staff will never ask users for their passwords. Users must also ensure the security of their ApplicantOne sessions by completely logging out of the system when finished and not leaving active sessions unattended. Paper and electronic copies of reports must be carefully controlled to prevent the unauthorized distribution or disclosure of personally identifying applicant information.
A robust and secure system requires a multi-faceted solution with hardware, software, and education. Critical to the success of any secure system is the education of its user community and employees on the importance and sensitivity of information. Knowledge of why and how data is secured, and the permissible uses of all information, is essential in maintaining the integrity of the system and its contents.