GoodDay Security Statement

Overview

Thousands of organizations have entrusted GoodDay with their work data, and we make it a priority to take our users’ security and privacy concerns seriously. We strive to ensure that user data is handled securely. GoodDay uses some of the most advanced technology for Internet security that is commercially available today. This Security Statement is aimed at being transparent about our security infrastructure and practices, to help reassure you that your data is appropriately protected.

Datacenter security

All GoodDay information systems and infrastructure are hosted in world-class data centers at Equinix and AWS facilities. These facilities feature 24/7 manned security, fully redundant power backup systems, physical access controls, biometric authentication systems, extensive seismic bracing, the latest in early-detection smoke and fire alarms, and digital surveillance systems. All server and network components are constantly monitored by internal GoodDay staff and by the colocation providers.

Availability

Over years of service, GoodDay has consistently met or exceeded 99.9% uptime, ensuring customers can access their work data without interruption. Our systems have built-in redundancy to withstand failures and are constantly monitored to keep your work uninterrupted.

Continuous data backup

GoodDay runs real-time database replication to ensure that customer data is both backed up and available on redundant, geographically dispersed servers that are physically separated from the application servers, aiming to ensure fault tolerance.

Network and system security

Access Control: Secure VPN, 2FA (two-factor authentication), and role-based access are enforced for systems management by authorized engineering staff.

Encryption in Transit: By default, our survey collectors have Transport Layer Security (TLS) enabled to encrypt respondent traffic. All other communications with the GoodDay platform are sent over TLS connections, which protects communications by using both server authentication and data encryption. This ensures that user data in transit is safe, secure, and available only to intended recipients.

Logging and Auditing: Central logging systems capture and archive all internal systems access including any failed authentication attempts.

Testing: System functionality and design changes are verified in an isolated test “sandbox” environment and subject to functional and security testing prior to deployment to active production systems.

Data encryption

GoodDay uses proven transport layer security (TLS) technology from the most trusted providers to encrypt all data transmissions between your device and our servers, commonly referred to as on-the-wire encryption. TLS technology is designed to protect your information by establishing trust of our servers through a trusted third party, and then creating a secure channel through which your data can pass to our servers protected from malicious actors. We also use AES 256 encryption before data is durably stored, commonly referred to as at-rest encryption. A dedicated firewall provides a strong barrier of network security from the internet and we utilize Amazon’s S3 service to store and serve uploaded files.

GoodDay.work – Security Statement / July 2017

User security

Each user in your GoodDay environment has a unique user name (i.e., their e-mail address). We offer forms-based authentication (username and password) and Google Authentication to all users of GoodDay. GoodDay issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include either the user name or password of the user. GoodDay does not use cookies to store other confidential user and session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs. All account login attempts are logged, and account lockout policies can be enabled to lock account access after a certain number of failed login attempts if requested.

Single Sign-On: For Enterprise accounts, GoodDay supports SAML 2.0 integration, which allows you to control access across your organization and define authentication policies for increased security.

Operational management

We have implemented policies and procedures designed to ensure that your data is secure and backed up to multiple physical locations. Our team is continually evaluating new security threats and implementing updated countermeasures designed to prevent unauthorized access to or unplanned downtime of the Subscription Service. Access to all production systems and data is limited to authorized members of the GoodDay Technical Operations team.

Privacy

For more information on how GoodDay collects and processes data, please check our Privacy policy https://www.goodday.work/privacy and Terms of service https://www.goodday.work/tos

Want to know more?

If you have any questions or security concerns, please contact us at support@goodday.work