We take our responsibility to protect your information seriously. Our standard of excellence is that you will have availability to your secure and separate instance of GroupMind express on a 24-hour 365 days per year basis, with greater than 99.999% uptime in a given month.

GroupMind Express provides a secure, reliable and scalable collaboration environment, which is hosted on servers that we own. Access to our servers is tightly monitored within a hardened facility, allowing entry to only select GroupMind employees and contractors under strict confidentiality agreements. We constantly re-evaluate our security, privacy and reliability policies and adapt them as needed. Please contact us with any questions that you might have about our security measures.

Access Control

Individual client instances are completely separated in the database. Access to every object (folder, meeting, tool) in your GroupMind instance can have specific permissions by group and by user. Users without permission for the object cannot see or access the object.

Backup and Maintenance

GroupMind administrators and maintenance personnel are under contracts that include confidentiality agreements. Our servers are backed up on an hourly basis and are also mirrored at a remote location daily. We will notify you if the servers will be offline for maintenance or upgrades. This has usually been a once per year activity and we attempt to confine this to a low traffic time.

Logs

All accesses are logged by username and IP address. In addition, the web server performs additional logging.

Session Control

Individual users must be authenticated through a combination of unique username and password. Only one individual username can only be logged into the system from a single browser. If another user logs in with the same username from another browser, the first user will be logged out immediately. Note that this feature is not an option. (A Multiple Login mode can be used in same time meetings, when computers are shared by teams.)

Session duration can be limited to a specific idle period before the user is automatically logged out. Optionally, sessions can be "permanent" where the browser remembers session information in a cookie.

Network Authentication

Routers have single factor authentication administered by Hurricane Electric’s Network Operations Center. Software based firewalls are installed on each of our servers. 128-bit encryption is available to establish all data connections.

Redundancy
Disaster Recovery

We back up you data to fail-over servers to provide a redundant hardware path. Additional pre-configured servers with secondary DNS registrations are provisioned in different cities than our main servers.

Penetration Testing

We employ third party security and penetration testing.

Intrusion Testing

In addition to automated monitoring there is a daily review of server logs for non-standard activity (sniffing, port activity, etc.). 

Background Checks

Background checks are performed on all personnel that have access to your data.

Virus Scanning

Virus scanning takes place on all transactions and documents entering and leaving your GroupMind Instance.

Audit Trails

We log all user access and these reports are available on a request basis for your GroupMind Instance. Audit trails are stored in each client's GroupMind Instance.

Changes to this Policy

If we make any changes to this policy, we will notify your organization’s site contact and ensure that there is sufficient communication for all users to understand what has changed. If you have any questions or comments or receive any unwanted e-mail from this site, please contact GroupMind Express support services via e-mail at ken@groupmindexpress.com

Authentication

Authentication is the process that you go through to access your GroupMind instance. This process takes place when you log into your account. The two components of login are your Login ID and Password.

Login ID: Your site administrator will create your own unique Login ID. We are not in control of this function and recommend that your administrator use a Login ID that you don’t commonly use for other purposes.

Passwords: Your site administrator will create your initial password, which is encrypted so it is not available to anyone else. You can change your password at any time by editing your profile.

Transfer of Data

We take every reasonable effort to protect your data when it is on our servers. We cannot guarantee the security of your data while it is being transmitted over the Internet and through servers that are out of our control.

Optional Security

1. SSL
2. Personal Certificates
3. IP Filtering

Secure Sockets Layer (SSL3) technology, a secure communication protocol that protects your privacy is available as an option for your GroupMind Site. SSL enables client and server applications to communicate in a way that is designed to prevent eavesdropping, tampering or message forgery.

Personal Certificates require that the user must have a SSL certificate from a trusted Certificate Authority. This can be a considerable administrative task and expense.

IP Filters can be set up such that GroupMind Express can only be accessed from a specific list of IP addresses. For example, only from the corporate network. This prevents anyone from accessing it from any other location.

   need to know about safety?