Security

We work extensively to protect our clients and their sensitive information. From the careful selection of data centers to ongoing cybersecurity training for our team members, we take data privacy seriously.

We address data security and privacy at DSI in three phases:

First, we focus on best in the industry physical security of all data and equipment. Even in a digital world, we believe you cannot overlook physical security.

Next, we address cybersecurity safeguards by placing an emphasis on both the encryption and backup of critical data.

Third, we strategically work with DSI Team Members to follow closely monitored security and data handling procedures.

Through these three phases, we ensure the important data of our clients receive the utmost care and privacy.

DSI Security Diagram

Security Highights

  • Data Centers are all HIPAA, HITECH and SSAE 16 SOC II certified and PCI compliant

  • All data is encrypted using AES 256 bit encryption prior to transfer over a secure SSL

  • All DSI Team Members undergo extensive background checks

  • All DSI Team Members participate in regular required trainings in data handling and security

  • All DSI Team Members are required to change passwords every 60 days

  • Cyber Liability Insurance not only covers DSI but our clients and their employees

Client Best Practices

We regularly communicate to client employees the importance of ‘blacking out’ critical personal information like bank account and social security numbers. This simple step goes a long way in limiting data misuse.

Project Security Standards

DSI takes an exhausting amount of steps to ensure your data stays secure. We believe in having a well-defined and comprehensive security processes, policies, and procedures to keep client data safe throughout the entire process.

Data Center Security

All data centers are under 24-hour monitoring to cover both server performance and the physical security of the center itself. These carefully selected data centers meet rigorous certification standards (SSAE 16 SOC II) ensuring safe handling of your data throughout the verification process.

Document Shredding

In the case where a client’s employee sends sensitive information to DSI via mail, we work quickly to process the documents so we can immediately and thoroughly shred all information.

Limited Access

We make sure that the only Team Members who see sensitive client data are the personnel responsible for verifying documentation. All other members of DSI are restricted.

Workstation Security

DSI Workstations are routinely monitored and updated with the latest security patches and protocols. Additionally, we limit what can be saved on machines to keep data from falling into the wrong hands.

Data Encryption

We encrypt all client data AES 256 bit encryption which occurs prior to transferring over a secure SSL connection.

Access Restrictions

All accounts at DSI have limited access restrictions, meaning no person has access to any data that isn’t expressly required to do their job. If a project scope changes or a Team Member switches positions, so does their access.

Firewalls

All DSI networks are secured by firewalls with 24-hour monitoring to keep unwanted visitors on our systems. We even offer firewall protection for Team Member home networks, just to make sure everyone is safe when working with and around DSI client data.

Backups

Our data centers, websites, and machines all receive thorough routine backups to make sure no information goes missing.

Background Checks

All DSI Team Members undergo extensive background checks so our clients are comfortable with anyone handling information.

Password Protection

Any password a DSI Team Member uses must change every 60 days. Additionally, after logging into our industry-leading Employee Portal, your employees will be asked to change their password to make sure their data remains safe.

Liability Insurance

DSI purchases full coverage, not only for our organization but for our clients and their individual employees. Our underwriter, John Hancock is an industry leader and works closely with DSI to make sure everyone’s covered.

Malware Protection

Every DSI machine must have malware protection installed to make sure your data never gets transferred into the wrong hands.

MFA

Whenever possible, we utilize multi-factor authentication and never allow social logins. This method of authentication keeps unauthorized users from accessing DSI (and client) data.

Ongoing Training

We understand the best encryption available is no match for social engineering from threats. That’s why we routinely require DSI Team Members to undergo cybersecurity training and stay up-to-date on best practices and procedures.