Security Policy
This page outlines the security measures and principles our team applies,
so you could safely migrate your data.
Overview of Help Desk Migration Security
Jun 30, 2020, version 3
Your help desk and private data are safe with Help Desk Migration. There are a number of steps we take to ensure and respect your privacy.
However, the measures we take to provide our clients and the visitors of our website a safe experience are not tied to just legal requirements (such as the General Data Protection Regulation, etc.) We believe we have a moral and ethical obligation to safeguard privacy.
Security Levels
Physical Security
Our data centers are located in Germany. Our hosting provider, Hetzner Online takes superior measures that provide physical safety of the hardware.
For instance, data center parks are protected from fire and natural disasters. Only authorized personnel can access via electronic access control terminals with a transponder key or admission card. Data parks are under 24/7 surveillance and are equipped with diesel power generators for autonomous mode.
Network Security
Help Desk Migration network security team protects your data against the most sophisticated electronic attacks. We use the best and proven practices of network security.
Help Desk Migration offers the following preventive measures:
- Network firewalls;
- DDoS preventions;
- Network posture assessment.
Application Security Layer
- Firewalls are in place exposing only the necessary ports through the internet and between different servers.
- We validate all requests to ensure the security on the application level.
- Help Desk Migration transmits data from the visitor's browser to our system using HTTPS.
The data in transfer is encrypted by SSL protocol and ciphers.
Data location
All data Help Desk Migration collects is stored electronically in Germany on the Hetzner Online data center. The data can only be accessed by an authorized staff of Help Desk Migration. No outside sources are allowed to connect to the database.
Security Audits
On a regular basis, we scan all systems to prevent any vulnerabilities. The software is constantly updated, so all connections to the previous version are limited, logged and checked.
We absolutely comply with your confidentiality and guarantee that all your help desk data is 100% secure before, during, and after migration procedure. We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include internal reviews of our data collection, storage and processing practices and security measures, as well as physical security measures to guard against unauthorized access to systems where we store personal data.
Data access and authentication
Only authorized tech engineers at Help Desk Migration have access to the source code, can work on custom migrations and solve support cases on demand of the support staff. Different engineers have different access rights depending on their job requirements. All engineers have their own credentials as well as some parts of the software can only be reached from specific IPs.
Why does Help Desk Migration need specific permissions to perform the migration?
Help Desk Migration asks for these permissions to connect with your current and new help desk systems. After establishing the connection, we can access and transition the data. Without these permissions the help desk migration is impossible.
How to make your Migration Wizard account more secure
Two-factor Authentication
The Help Desk Migration team provides you with the opportunity of 2FA while logging in to your Migration Wizard account.
This way, you will add an extra layer of security to the application and go through two identificatory steps while gaining access to your data:
- Firstly, you’ll need to enter your email and password or sign in with your social media profile.
- Secondly, you’ll be required to reaffirm your willingness to log in to your Migration Wizard account by providing a variable code generated by the authenticator application that has to be installed on your phone.
Only after passing these two verification steps you will get access to your Migration Wizard account.
If you decide to enable it, simply go to your Account Settings > Two Factor Authentication and drag the slider to the right.
The Monitoring of User Activity Sessions
The Help Desk Migration service allows you to view the history of user activity sessions in Migration Wizard.
As follows, you will be able to track all information about any user activity in your account. Such details as IP address, the device that was used during the session, and the login time will be recorded each time somebody logs into your Migration Wizard account.
Moreover, all actions that will be performed during user activity sessions will be captured. Finally, you’ll have an option to revoke any previously performed session. So, in case you granted access to your account to someone on your team, you will be able to revoke any user activity session on their device if needed.
In order to gain information concerning user activity in Migration Wizard, go to your Account Settings > Active Sessions.
Certification & Compliance
EU GDPR
Help Desk Migration is compliant with the requirements of the General Data Protection Regulation. You can learn more information by visiting this page.
ISO/IEC 27001:2013
Help Desk Migration datacenters are compliant with ISO/IEC 27001:2013 since our hosting provider, Hetzner Online, has achieved this certificate.
PCI DSS
Help Desk Migration uses 2Checkout and PayPro to accept payments. Both providers are certified PCI Level 1 Service Providers, the most stringent level of certification available in the payments industry. You can verify this by checking 2checkout’s fraud protection policy and PayPro’s compliance page.
Note, that we do not store or process any of your payment data.
How to report a security vulnerability?
If you believe you’ve found a security vulnerability in our data migration tool, please contact us at support@help-desk-migration.com. Also, include the following to help investigate the case:
- Description of the location and potential impact of the vulnerability;
- A detailed description of the steps required to reproduce the vulnerability (POC scripts, screenshots, and screen captures are all helpful to us).
Need more details or have any questions?
If you have any questions or suggestions, please send them to support@help-desk-migration.com.