How do I Create a Secure Form?
Formsite has the security features necessary to collect and handle data securely, but depending on the type of form you're building, it's your responsibility to utilize these features when appropriate.
To collect and handle data securely, follow these guidelines:
- All Formsite forms use secure ("https") links by default. Secure links begin with "https", which is short for HTTP Secure. To collect form results securely, you must distribute or embed these secure links. If you change the "https" at the beginning of a link to plain "http", it will no longer be secure.
- Collect credit card numbers only with the Credit Card item type. This item type applies extra card-specific security features, such as automatic masking when viewing results.
- For Notification emails, use the "Send as password link" setting or use Results Views to exclude any items containing sensitive information (like credit card numbers or social security numbers). Email doesn't transfer data securely and shouldn't be used to send sensitive information.
- Enable the "Secure Form" setting on your form's "Settings -> Security" page to enforce extra security features.
Additional Security Features
The "Secure Form" Setting
Forms collecting sensitive information should use the "Secure Form" setting, on your form's "Settings -> Security" page. This setting adds warnings next to settings and features that, when used incorrectly, may result in data being handled insecurely.
Secure Results Files
Files uploaded via File Upload items can be further secured by enabling the "Require login to access files" setting, on your form's "Settings -> Security" page. This setting replaces file links appearing in results with encoded links which require you to be logged in.
All forms are protected by an automatic reCAPTCHA. If an unusual pattern of submissions is detected for your form, a reCAPTCHA will selectively appear to prevent abuse. You can further customize the reCAPTCHA, on your form's "Settings -> Security" page, to always appear or never appear.
For compatibility with reCAPTCHA, to make sure it has enough space to display, it's best to make your forms at least 300px wide.
Two-factor authentication (2FA) attaches a mobile device to your account. A time-sensitive passcode from the mobile device will be required during login.
- Authentication: The safety of your account identification information is taken very seriously and is always encrypted in transit and at rest. Account passwords are subject to minimum complexity requirements. Login is required to access collected data and files by default.
- Authorization: Once authenticated, only your account, or sub-user accounts with correct permissions, will be able to perform actions on your data by default. We also offer secure options to share your results. We strive to maintain as tight controls on actions as possible. You may further customize your user and form permissions.
- Accounting: Access to and activity on accounts and data are routinely logged and analyzed. This information is then regularly used for security reviews and monitoring, as well as performance maintenance. Major activity in your account is also logged and viewable online.
- Encryption: All data stored in your account, including data you collect with your forms, is encrypted at rest using the AES-256 encryption algorithm.
System and Network Security
- All Formsite servers are colocated exclusively in a cloud-based architecture with Amazon Web Services (AWS) using their datacenters with hosting in the United States. Find complete information on AWS Security on their security page. In addition to our own staff, AWS provides expert support and system maintenance.
- Formsite uses high-grade SHA-256 RSA encryption for secure (https) connections over TLS, the same level of security used by banks and other financial institutions. The AES-256 encryption algorithm is used to encrypt data at rest.
- High performance, stability, and DDoS mitigation are achieved through the use of load-balancing on public-facing servers, as well as redundant processing instances and databases across different physical locations. This allows us to support high traffic loads across our user base with high uptime.
- Formsite servers are routinely monitored and tested by internal and external PCI and system scans, and kept up to date with important security patches and software. Automated monitoring is also in place with the ability to alert Formsite personnel.
- Secure network access is enforced by multi-tiered firewalls, custom system configurations, and multi-zoned networks.
- All Formsite personnel are trained and regularly updated with the latest best practices regarding security and threat management.
- Access to Formsite resources is reserved solely for employees of Formsite, with minimal access permissions as needed.
- Activity on Formsite servers and networks is constantly logged and audited. Access to systems and data is highly restricted to only essential skilled personnel, and activity is both tightly controlled and monitored. Our staff also use best security standards, including two-factor authentication, private key-protected secure shell, secure VPN, etc., where possible.
Business Continuity and Disaster Recovery
- 24/7 monitoring and intrusion prevention systems are enacted for all public-facing services.
- Robust alert systems, secure processes and systems allow vital Formsite personnel to respond to issues within minutes at any time.
- Disaster recovery plans are in place, reviewed regularly, and distributed to all necessary Formsite personnel.
- Our system and network architecture provide a high degree of fault tolerance and recovery, both in security and performance. Important systems have redundancies in place to support fail-over processes and are also backed up routinely.
- Backups of all vital systems and data are taken regularly, and copied as appropriate to secure locations in order to provide contingencies across multiple systems and locations.
- Results data can be exported from your account, allowing you to create personal backups.
- We use technologies including Java, Linux, and MySQL to develop Formsite.
- All software produced by Formsite personnel is subject to regular screening, review, and testing, and is also held to best practices and industry standard guidelines in order to reduce vulnerabilities.
- Testing on all software is performed in multiple test, or "sandbox", environments before reaching the production environment.
- Advanced code deployment systems allow us to develop and distribute patches or updates to our code quickly and safely should the need arise due to a bug or vulnerability.
- Formsite is PCI 3.2 compliant. Our servers pass routine PCI compliance scans and we will provide our scan certificate upon request.
- We are PCI compliant with respect to the handling of billing information for Formsite accounts.
- All payment integrations are PCI compliant (PayPal Standard, PayPal Pro, Braintree, Authorize.net, Stripe).
- If you elect to collect credit card information on your form, it is your responsibility to maintain the PCI compliance of your entire account.
- Collect credit card numbers only with the Credit Card item type.
- Do not collect the three- or four-digit CVV/CSC number. Under no circumstances is this ever allowed for PCI compliance.
- Upgrade to the Pro 3 level and use the Two-factor authentication feature for your login and any Sub-user logins. This will satisfy many PCI requirements with respect to protecting account credentials. If you elect not to use Two-factor authentication, you must adhere to username and password requirements outlined in PCI standards.
- Data must be removed prior to account inactivation and/or when data is no longer needed. It is your duty to remove the data after it is no longer needed or upon account de-activation.
- Results Reports should not be used as a means of sharing card holder data.
- Your share of responsibility extends to any actions that are in your control that are outlined in PCI standards. Formsite has covered all of the areas outside of your control.
- If in doubt of your compliance, we urge you to use one of the payment integrations. Formsite takes all responsibility for the compliance of the payment integrations.
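An added example (not Formsite code) of auditing an exported results file against two of the rules in this list: card numbers belong only in the Credit Card item, and CVV/CSC values must not be collected. The CSV layout, column names and the `audit_export` helper are assumptions, and the sample rows are constructed.

```python
import csv
import io
import re

# Constructed sample export. Column names and layout are assumptions,
# not Formsite's actual export format.
SAMPLE_CSV = """Reference #,Name,Credit Card,Comments,CVV
1001,Ann Lee,XXXXXXXXXXXX1111,Please call me,
1002,Bob Roy,XXXXXXXXXXXX0004,My card is 4111 1111 1111 1111,123
1003,Cy Poe,XXXXXXXXXXXX4444,Order 1234567890123456 shipped late,
"""

CARD_COLUMNS = {"Credit Card"}  # the only columns allowed to hold card data
CVV_HEADER = re.compile(r"\b(cvv2?|cvc2?|csc|cid|security code)\b", re.I)
# 13 to 19 digits, optionally separated by single spaces or hyphens
PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum: filters out order numbers and other long digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def audit_export(text: str) -> list:
    """Return (location, column, issue) tuples for PCI-relevant findings."""
    findings = []
    reader = csv.DictReader(io.StringIO(text))
    for name in reader.fieldnames or []:
        if CVV_HEADER.search(name):
            findings.append(("header", name, "column appears to collect CVV/CSC"))
    for row_no, row in enumerate(reader, start=2):  # line 1 is the header
        for col, value in row.items():
            if col in CARD_COLUMNS or not isinstance(value, str):
                continue
            for m in PAN_CANDIDATE.finditer(value):
                digits = re.sub(r"\D", "", m.group())
                if luhn_ok(digits):
                    # Report only the last four digits, never the full number
                    findings.append((row_no, col, "card number ending " + digits[-4:]))
    return findings
```

Running `audit_export(SAMPLE_CSV)` flags the `CVV` column and the card number typed into the free-text `Comments` field on line 3, while the 16-digit order number on line 4 fails the Luhn check and is ignored.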
Security Breach Response
While Formsite follows best practices and makes security a priority, transmitting and storing data will still carry some inherent risk. Due to this, we have procedures to enact should a breach occur. In addition to the monitoring and alerting systems mentioned above, our procedures also include contacting account holders by email or placing notices on our main website or within each account, as needed. We also maintain support round-the-clock to communicate with our users and address further questions and concerns.
Formsite offers many advanced features and functionality. Therefore, security of your data also relies upon your responsible usage. We provide many features, as noted above, to help protect your data. Responsible usage includes, but is not limited to, keeping your passwords and sensitive account information safe and handling your results data safely. Any data you distribute should be as limited in scope as possible and use relevant security features, such as password protection, where possible. In addition, your data security also relies upon the security of any devices or networks you use to access your Formsite account and data. This includes keeping your computer or device up to date with security patches, enforcing user security standards, and storing and deleting downloaded files safely. For more information on the responsibilities of using Formsite, also see our Terms & Conditions.
Due to our large and varied user base, requests for further specific details or custom security assessments may require a certain level of service. You may also see more details about the features included with each level of service on our pricing page or detailed pricing page. For large existing or potential accounts, we also offer several additional Enterprise services, including White Label and HIPAA Compliant services.