TruQC knows you care how your information is used and shared, and we appreciate your trust that we will do so carefully and sensibly.
TruQC is hosted with Amazon Web Services (AWS). Development and testing environments are hosted in Oregon, a FedRAMP-approved facility. Production is hosted with GovCloud, a FedRAMP and ITAR-compliant facility, meaning only US citizens have both physical and virtual access to the data and the hardware. Our security standards comply with the NIST 800-171 requirements for Controlled Unclassified Information, meaning we adhere to the most stringent standards to keep your data secure.
US Facilities, US Citizens
All instances are hosted in the United States. Only US citizens have access to Production data, which is kept intentionally minimal.
TruQC exercises the full AWS RDS 35-day backup retention period option, as well as capturing monthly image full snapshots.
Encrypted Transmission via HTTPS
Communication from the mobile or web-based application is done over industry-standard HTTPS encryption with an SSL certificate issued by GoDaddy that confirms 256-bit encryption and uses SHA-2.
Passwords are hashed in the database and have strict minimum requirements. If your facility requires Multi-Factor Authentication, we can implement it for you.
TruQC performs nightly vulnerability scanning, status monitoring and allows users to automatically log- in and out using Touch ID.
We endeavor to resolve all complaints about privacy and the collection or use of customer information. If you have questions or complaints, please send an e-mail to firstname.lastname@example.org.
Last Updated May 20, 2016