Security
At ValueLink Software, we understand the importance of your information and data that is stored in our servers. We go the extra mile to ensure that your data is protected and does not fall into the wrong hands, ensuring privacy for you and your customers while meeting regulatory compliance requirements.
We have a no compromise approach towards data security and that is why we utilize a world-class infrastructure for our hardware and incorporate industry best-practices for security of our application.
Infrastructure
All ValueLink systems and infrastructure are hosted in the Microsoft Azure cloud environment. Our infrastructure team has built a completely secure environment from the ground up using the built-in tools within the Microsoft Azure universe. Azure provides us with SOC-2 compliant datacenters, & infrastructure that is scalable, reliable, and built for today’s challenging environment. Some notable items are:
- Securely-hosted servers at certified SOC-2 data centers
- Primary servers are located on the East Coast with Secondary servers located on the West Coast
- Load Balanced servers to ensure reliability
- Enterprise-class backup and restore technologies for High Availability
- Scalable environment to handle extreme workloads
- Full network redundancy
- Best-of-breed equipment for routers, firewalls and servers keeps you online
- 24/7 dedicated prevention systems ensure the network perimeter remains secure
Application Security
At the application level, every instance of ValueLink for every customer comes standard with all security features and all communication within the system is encrypted using AES-256, with HMAC-SHA256 for message authentication and 2048-bit RSA as the key exchange mechanism. Furthermore, our SSL certificates are supported on all major browsers and ensure that the system is securely accessible from any device in the world at any time of the day. Some notable items are:
- ValueLink uses Microsoft’s recommended security structure for web applications
- Role-based security – people only see what they have access to
- Extensive user management panel that gives the administrators full control
- SSL secured communication between the users and our servers to prevent data theft
- Data encryption at rest
- Encrypted password storage to ensure additional user account security
- Secure access for all users. No one can access our systems without valid credentials
- Regular vulnerability testing and web application scanning
Disaster Recovery & Business Continuity
ValueLink Software has developed a comprehensive disaster recovery plan (DRP) to be used in the event of significant disruption. By leveraging the flexibility of the Microsoft Azure cloud, we have managed to achieve a low recovery point objectives (RPO) and recovery time objectives (RTO).
The storage later in our Microsoft Azure environment is configured to run with Geo Redundant Storage (GRS). In addition to creating 3 local replicas of the data in the primary data center, this service automatically replicated our data asynchronously in real time to our secondary data center (located in a different geographical location) and 3 copies of the data are maintained in the secondary data center as well.
In addition, our databases are set up to automatically replicate asynchronously to our secondary data center. Our environment is set up to back up the databases on a daily basis and the daily backup is retained for a full 35 days from the date of the original backup. A backup image of all application servers is maintained for 30 days allowing recovery of specific files or complete servers from the image up to 30 days prior to the current date.
Compliance
ValueLink Appraisal Management Software complies with applicable laws, regulations & standards, including:
- Dodd-Frank Act
- Gramm-Leach-Bliley Act
- ECOA Valuations Rule
- TILA-RESPA Integrated Disclosure
- Appraiser Independence Requirements
- Uniform Standards of Professional Appraisal Practice (USPAP)
Need More Information ?
If you have any questions or require any additional documentation, please send an email to support@valuelinksoftware.com with your requirements.