Data Security
The ESC attaches great importance to data security and strictly complies with the Data Protection Act. Because of these high security standards, researchers can also collect sensitive data such as employee surveys, bank details, or medical examination results.
- Administrative firewalls
- Address data and result data
- Data deletion
- Passwords and codes for personalized surveys
- SSL – Secure data transmission
- Rights allocation system
Administrative firewalls
To ensure that no unauthorized person can access the systems, all network traffic to and from the servers passes through central firewalls. These firewalls operate as packet filters.
The online platform (including all downstream systems) is separated from the Internet and from other data networks and systems in QuestBack’s computer centre by firewalls, operated in a demilitarized zone (DMZ). The firewalls are configured so that the platform can be reached from the Internet only via HTTPS (TCP port 443). Access from internal networks is possible only over the protocols required for administering and monitoring the platform.
Staff access the online platform exclusively over HTTPS, using a 1024-bit asymmetric key and a 128-bit symmetric key. (Note that a 1024-bit asymmetric key is below current recommendations; 2048 bits or more is the accepted minimum today.) At the client’s request, an SSL server certificate issued by an accredited certification authority can be installed on the online platform.
Administrative access by staff is permitted only over encrypted protocols (SSH or similar).
Direct dial-in access to the online platform (e.g. for maintenance purposes) is not permitted. Remote maintenance takes place exclusively over encrypted protocols (SSH or similar), after reliable prior authentication, and only from the agent’s own data networks.
Additionally, the physical systems are protected by anti-theft measures (video surveillance, alarmed windows and doors, motion detectors, patrols by security officers, etc.).
Address data and result data
The ESC ensures that personal (address) data and respondents’ result data are kept separately. Responses are stored under a pseudonymous identifier that is assigned in the order in which participants access the survey. The participant’s access code is not stored in the survey result data set, so the survey data cannot be linked to an e-mail address (unless agreed otherwise with the client).
Data deletion
Before disposal (of back-up media, for instance), data media are either erased (overwritten in seven passes in accordance with the BSI VSITR standard) or physically destroyed (in accordance with DIN 32757, security level 4 or higher), so that the data cannot be recovered under any circumstances.
Passwords and codes for personalized surveys
Participants’ access to a personalized questionnaire is protected by passwords or integrated access codes. Each participant in a personalized survey receives a code by e-mail that grants access to the questionnaire. The codes are generated automatically by the survey centre’s internal password module. Every code consists of sixteen hexadecimal characters (0-9, a-f) and is unique: the same code is never generated twice.
As soon as a participant has completed the questionnaire, the code is blocked so that they cannot take part in the survey a second time. Participants may, however, interrupt the questionnaire and resume it later, and, if required, change their answers before final submission.
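The following is an added illustration of the two mechanisms described above (the separation of address data from result data, and the sixteen-character access codes that are blocked after completion). It is example code written for this page, not QuestBack’s or the ESC’s implementation; the class name, the in-memory stores, the use of a sequential pseudonymous id, and the hypothetical e-mail addresses are all assumptions made for the demonstration.

```python
import secrets

CODE_LENGTH = 16  # sixteen hexadecimal characters, as described above


class SurveyCentre:
    """Illustrative model (not the ESC's or QuestBack's code) of a survey
    centre that keeps address data and result data in separate stores."""

    def __init__(self):
        # Address data: access code -> e-mail address. Never exported with results.
        self.address_data = {}
        # All codes ever issued, so the same code can never be generated twice.
        self.issued_codes = set()
        # Codes whose questionnaire has been completed (blocked for reuse).
        self.completed = set()
        # Result data: pseudonymous id -> answers. Contains no codes or e-mails.
        self.result_data = {}
        # Session link code -> pseudonymous id, needed only to resume an
        # unfinished questionnaire; dropped on completion (assumption).
        self.sessions = {}
        self._next_pid = 1

    def issue_code(self, email):
        """Generate a unique 16-hex-character access code for one participant."""
        while True:
            code = secrets.token_hex(CODE_LENGTH // 2)  # 8 random bytes -> 16 hex chars
            if code not in self.issued_codes:
                break
        self.issued_codes.add(code)
        self.address_data[code] = email
        return code

    def open_questionnaire(self, code):
        """Validate a code and return the pseudonymous id for its answers."""
        if code not in self.issued_codes:
            raise PermissionError("unknown access code")
        if code in self.completed:
            raise PermissionError("access code already used")
        pid = self.sessions.get(code)
        if pid is None:
            pid = self._next_pid  # assigned in the order of first access
            self._next_pid += 1
            self.sessions[code] = pid
            self.result_data[pid] = {}
        return pid

    def save_answers(self, code, answers):
        """Store or overwrite answers; the participant may change them before completion."""
        pid = self.open_questionnaire(code)
        self.result_data[pid].update(answers)
        return pid

    def complete(self, code):
        """Finalize the questionnaire and block the code against a second participation."""
        pid = self.open_questionnaire(code)
        self.completed.add(code)
        del self.sessions[code]  # the only code -> result link is removed
        return pid

    def export_results(self):
        """The result data set: pseudonymous ids and answers only."""
        return {pid: dict(answers) for pid, answers in self.result_data.items()}


def is_valid_code(code):
    """Check the code format stated on the page: 16 characters from 0-9, a-f."""
    return len(code) == CODE_LENGTH and all(c in "0123456789abcdef" for c in code)


if __name__ == "__main__":
    centre = SurveyCentre()
    code = centre.issue_code("alice@example.com")  # constructed sample address
    centre.save_answers(code, {"q1": "yes"})
    centre.save_answers(code, {"q1": "no"})  # answer changed before completion
    centre.complete(code)
    print(centre.export_results())  # {1: {'q1': 'no'}}: no code, no e-mail
```

Interrupting and resuming works because the code-to-id link is kept in a separate session store until completion; the exported result data set never contains the code or the e-mail address, which is the property the section claims.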
SSL – Secure data transmission
Optionally, ESC survey data can be transmitted over the Internet using HTTPS, a secure and reliable encryption method. All data exchanged between the browser and the server is encrypted, so that a third party eavesdropping on the connection cannot read it.
Rights allocation system
The ESC’s rights administration ensures that unauthorized persons cannot access the survey software. The system is password-protected: access requires a valid user name and the corresponding password. Passwords must be at least eight characters long and contain at least one numeral and one letter.
Furthermore, the rights administration allows different teams to be created (across different parties, including organizations and other universities). Team members can then access the system, but can see and edit only the projects assigned to them.