We take security very seriously at ClickTime. At all times, your data is protected by robust encryption and physical security protocols.
Datacenter Physical Security
ClickTime’s datacenter is housed at a Tier 1 colocation facility. Advanced entry security, ﬁre protection, and extensive backup power generation are provided at this facility. All access to the datacenter is controlled 24/7 by security guards and video surveillance. Additionally, our facility has been given SAS 70 Type II certiﬁcation.
The ClickTime servers reside behind industry-leading routers and ﬁrewalls. All servers are monitored around the clock by three redundant systems. Alerts are generated at any sign of event, which trigger notifications to personnel who are on-call 24 hours a day. Customer data ﬁles are always stored in an encrypted form. All web servers and sites have 128-bit SSL certiﬁcates issued by Network Solutions, veriﬁable by customers at any time.
The ClickTime databases reside on RAID 5 and RAID 1 arrays, which can sustain the failure of any drive mechanism and immediately deploy a standby “hot spare.” All front-end web servers employ mirrored volumes for additional redundancy.
Passwords and other sensitive data are encrypted with AES (the Advanced Encryption Standard).
Load-balancing & Data Mirroring
ClickTime’s public web servers are fully redundant and actively load-balanced. Any individual machine can fail completely without interrupting public access to ClickTime. In addition, customer traffic is always routed to the fastest available machine. The Primary database is mirrored to a Secondary database in real-time. The Secondary database can assume the functions of the Primary database in the event of a Primary database failure.
The ClickTime database (containing all live customer data) is backed up every 30 minutes to multiple machines on the same network within the same colocation facility. Therefore, maximum potential data loss in the event of a primary and secondary database failure is approximately 30 minutes.
An encrypted snapshot of the ClickTime database (containing all live customer data) is sent electronically to a storage datacenter in Massachusetts for 60 days, rendering data loss in the event of a regional disaster or multi-machine failure minimal.
In the event that ClickTime's primary datacenter is damaged or unavailable, ClickTime maintains a secondary "hot" datacenter within its own offices. Data retrieved from offsite backup can be restored and the secondary datacenter made live usually within 4 hours, depending on DNS propagation. We have a contract with an additional datacenter in Massachusetts to have machines available within 48 hours in the event of a major natural disaster in California.