Your Security
Our Priority
We work hard to keep your information confidential.

Security

Safeguarding your confidential information takes a multi-pronged approach. From transport encryption, to transparent encryption/decryption of data at rest, to data sanitization and validation and more, we're putting our best foot forward.

Transport Encryption

We use only high-grade transport encryption to secure your web browser session to both our website and our cloud software application. High-grade encryption helps ensure that your connection cannot be intercepted and decoded, or eavesdropped on, while in transit between our servers and your computer. If you're reading this, your browser supports high-grade encryption. You cannot access our website or our app without encryption enabled.

Encryption at Rest

When you create Filers/Companies and Recipients, sensitive information such as Tax ID, Name, Address, etc., is encrypted using the AES algorithm with 256-bit keys (AES-256) in CBC mode. This is the same encryption approved/required for TOP SECRET military documents. Each customer (what we call a Registrant in our system) is provisioned a unique set of encryption keys that differ from Registrant to Registrant. In the event of an unauthorized disclosure of a given Registrant's core cryptographic keys, the impact would be limited to that specific Registrant, not all customers. Additionally, each user's password is hashed using a key derivation function with a high cost (iteration) count.

Data Validation/Sanitization

We sanitize information and strip potentially malicious data from all input fields on our website and our cloud software application. We further validate each field's information to ensure it meets our programmatic expectation for insertion into our database.

Parameterized Statements

We exclusively use parameterized statements when inserting, retrieving, updating, or deleting information in our database. This prevents SQL injection, which the 2013 OWASP Top 10 ranked number one among application security flaws.

Compliant Hosting Environment

Our servers are hosted on AWS (Amazon Web Services) and run SELinux in enforcing mode. Amazon infrastructure was designed and is managed in alignment with regulations, standards, and best practices including: HIPAA, SOC 1/SSAE 16/ISAE 3402 (formerly SAS70), SOC 2, SOC 3, PCI DSS Level 1, ISO 27001, MTCS Tier 3, FedRAMP (SM), DIACAP and FISMA, ITAR, FIPS 140-2, CSA, MPAA. You can read more about compliance in the Amazon AWS infrastructure by visiting the AWS Compliance site.

Compliant Print & Mail Processing Facility

The facilities we use for Printing & Mailing your forms passed an SSAE 16 Type II audit and work with businesses in the Financial, Healthcare, Tax and other industries that handle sensitive information.

Multi-Factor Authentication

We support multi-factor authentication to add an extra layer of security to your account. Multi-factor authentication requires at least two independent authentication factors: for example, something you know (your password) and something you possess (a secret code on your smart phone). Once you enable this feature in your profile, we provide you with a QR code that you can scan with your smart phone using Google Authenticator (or similar). Once it is scanned, a code that rotates every thirty seconds will be available in the Google Authenticator app. You will be required to type in your E-Mail Address, your Password, AND this six-digit code when you log in. This helps keep you safe in the event somebody with malicious intent gets hold of your e-mail address and password. Without your smart phone too, they would be unable to access your confidential data.
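The six-digit, thirty-second codes described above match the TOTP scheme (RFC 6238, HMAC-SHA1) that Google Authenticator implements. The sketch below is an added example, not E-File Magic's code: it shows enrollment (the `otpauth://` URI a QR code carries) and server-side verification. The function names, the one-step clock-drift window and the replay check are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
import secrets
import struct
from urllib.parse import quote, urlencode

STEP = 30    # seconds each code is valid, as described on the page
DIGITS = 6   # code length, as described on the page


def new_secret() -> str:
    """Random 160-bit shared secret, base32-encoded for authenticator apps."""
    return base64.b32encode(secrets.token_bytes(20)).decode()


def provisioning_uri(secret_b32: str, account: str, issuer: str) -> str:
    """Build the otpauth:// URI that the enrollment QR code encodes."""
    label = quote(f"{issuer}:{account}")
    query = urlencode({"secret": secret_b32, "issuer": issuer,
                       "digits": DIGITS, "period": STEP})
    return f"otpauth://totp/{label}?{query}"


def totp(secret_b32: str, at: float) -> str:
    """RFC 6238 code for the time step that contains Unix time `at`."""
    key = base64.b32decode(secret_b32)
    counter = struct.pack(">Q", int(at) // STEP)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                    # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32: str, submitted: str, at: float,
           drift: int = 1, last_used_step: int = -1) -> int:
    """Return the matching time step, or -1 if the code is wrong or replayed.

    The caller stores the returned step as last_used_step so that a code
    cannot be accepted twice (assumed policy, not taken from the page).
    """
    now_step = int(at) // STEP
    for step in range(max(0, now_step - drift), now_step + drift + 1):
        if step <= last_used_step:
            continue                           # already consumed: replay
        expected = totp(secret_b32, step * STEP).encode()
        if hmac.compare_digest(expected, submitted.encode()):
            return step
    return -1
```

The comparison uses `hmac.compare_digest` so that verification time does not reveal how many leading digits of a guess were correct.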

Simple, Secure And Cost Effective

With our comprehensive features and forms, our industry-leading security, and our fantastic support team, let E-File Magic help you meet your year-end reporting requirements. You can try our cloud software at no cost or obligation. Register today!