Security isn’t just about the technology used to store your data, it’s about trust. Over the past 17 years we've worked hard to earn the trust of companies in Australia and worldwide. We continue to work hard every day to maintain that trust and believe that longevity and stability is core to that goal.
Whenever your data is in transit between you and one our services, everything is encrypted using industry standard HTTPS 256bit AES encryption. This is the same for our server-to-server communications, helping to ensure that your data is kept as secure as possible.
Website information is accessed solely by secure Microsoft APIs. Our APIs are protected by authorisation filters to ensure only valid user types can access the APIs.
You should be the only person who knows your password and can sign into the HowNow Portal. To adhere to those conditions, we don’t store your password in a readable format. They are hashed at the point of setting and we only store the resulting hash. This is a one-way process, unlike encryption, which means they can never be converted to a readable format.
Storage & Redundancy
Geo-redundant storage of your files is a feature of Microsoft Azure, which we use for the HowNow Portal. This means that there are multiple copies of your files within a primary data centre region in Australia. These copies are also replicated to a secondary data centre region in Southeast Australia, hundreds of kilometres away, giving protection against natural disasters.
All files and replicated copies are encrypted at rest using Microsoft SSE encryption, which uses 256-bit AES encryption, one of the strongest block ciphers available. Files are decrypted prior to retrieval following authorisation checks.
Our portal uses Microsoft Azure Infrastructure and Services which currently has more than 20 cloud computing related security compliance certificates, including ISO 27001 and 27018. We chose Microsoft Azure to host our cloud based services, as the industry leader for Enterprise and Government Security.
The HowNow Portal integrates with Adobe Sign for electronic signatures – when using this technology an account that is asked to sign a document is not required to sign into the Portal. This occurs because the email address has been authenticated as an account holder during the setup phase by the firm on the Portal, and will therefore only allow you to apply signatures from the Portal’s approved and active list of accounts.
We specifically moved to Adobe Sign to meet client demands for a simpler signing process and chose them as a provider as they are a market leader in both electronic signatures and document security.
Please click here to see information on this service from Adobe Sign.