Security

Looking for something specific? Use our search.

Feel Safe with Our Security Protocols​

EI3PA Compliant

SSAE SOC2 Compliant

SOC3 Compliant

PCI Compliant

Security is a high priority for Verified First’s applicant screening system. Verified First guards against high threats such as viruses, denial of service attacks, other malicious activities over the Internet. We also maintain confidentiality and integrity of sensitive application data. Industry-leading technology is employed to secure our website and its operating environment, each component safeguarding from unauthorized users, deliberate malfeasance, and inadvertent loss. Verified First uses Amazon Web Services for its infrastructure, ensuring we qualify for a comprehensive list of certifications which includes PCI Compliant, SAS 70 Compliant, SOC3 Compliant, SSAE SOC2 Compliant, and EI3PA Compliant. 

Data Integrity 
·      Database servers are configured with mirrored hard drives to provide real-time, failover redundancy.
·      Nightly backups of data are scheduled, with archives removed weekly to an offsite location for additional redundancy.

Encryption 
·      All transactions are performed in a secured environment and system access requires use of HTTPS.
·      Supported web browsers automatically secure the session with Secure Sockets Layer (SSL) 3.0 or Transport Layer Security (TLS) 1.0 protocol using 128-bit encryption.
·      All encrypted data can only be decrypted with a public and private key pair, thus protecting against eavesdropping, server impersonation, and stream tampering.
 
Firewalls, Intrusion Detection, and Filtering Routers 
·      Systems servers are protected by firewalls, intrusion detection, and filtering routers which verify the source and destination of communications.
·      Routers and firewalls are configured to reject any unauthorized, suspicious, or disallowed traffic, including traffic that does not emanate from either the client or server.

Physical Security 
·      The physical servers are hosted at a state-of-the-art colocation facility that is staffed on-site 24/7 to provide an immediate response to any incident.
·      Access to the facility is restricted to authorized personnel and secured by password-protected keypads and biometric scans.
·      Door, glass, and motion events at the facility are digitally recorded and archived, as well as observed live by facility staff for any suspicious activity.
·      The cooling system incorporates redundant components, excess capacity, and high-efficiency technologies to maintain an optimal operating environment.
 
User Authentication
·      Passwords are protected using sophisticated hashing schemes 
·      Passwords recovery allows users to reset a password by entering their email and clicking a link sent to their inbox