Live Chat Security Information
How do you keep my password safe?
We use a One-Way hashing method that enables us to create a special “Hash” of your password.
This secret code generated from your password is what is stored on our systems. This code is also “salted”, this means we add our own secret code into the code too to make it even more secret.
These codes cannot be “decrypted” so in the event of a data breach / loss. Your password will remain hidden and safe.
Do you hold any of my credit card information?
No.
We use 3rd party payment processors (Paypal, Worldpay) .
All payments are handled by our suppliers and no information other than authorisation from our suppliers is given to us.
How does IMsupporting secure data in transit?
Data transmitted between IMsupporting and End users is SSL/TLS encrypted (https).
We use industry leading ciphers and encryption where possible. TLS/SHA256/RSA
Our certificates are issued by the LetsEncrypt CA and are typically valid only for 1 to 6 months
These certificates are rotated frequently to give you the most secure experience around.
How does IMsupporting secure chat data at rest?
Chat data once received by IMsupporting is stored on one of our multiple database servers.
These servers are typically hosted within the UK and within secure facilities.
Servers hosting data have drive level encryption enabled to prevent physical data loss.
Access to our core systems is restricted to our own management and technical staff as required.
What happens if I lose my login details?
Customers using our shared platform can visit this link https://console.imsupporting.com/forgot-password/
Dedicated customers, please refer to your documentation or contact support.
If you have any further questions, please contact our support team at ( Support@IMsupporting.com )
How do your staff access my data?
Staff at IMsupporting have internally accredited laptops. These are only allowed to be used to connect to our systems.
Connections to our systems are also 2 Factor Authenticated and use a secure encrypted channel between the engineers laptop/desktop and the remote server.
Servers typically only allow management access from our own known Management IP ranges are are not visible to the internet.
Accreditation
IMsupporting is a Small cloud based SaaS provider based in the UK.
We have a small amount of corporate infrastructure and as such, no internal accreditation has been done. (ISO/PCI etc)
We do however hold UK, Cyber Essentials accreditation Cert#: 3969185847729018
Our hosting supplier(s) also hold a vast array of accreditation relating to the hosting of our services and their own internal business practise.
We also run regular vulnerability scans on our infrastructure and also engage with 3rd party suppliers for annual scans as part of our accreditation.
IMsupporting also offer a small Bug Bounty program where critical issues brought to our attention before being made public are rewarded and welcomed.
Dedicated / Bespoke Clients*
Please note that users of our Dedicated or Bespoke platforms may have different agreements in place with regards to data security.
Please contact support@imsupporting.com for more information or refer to your dedicated package documentation / contract.