Delivering roadside is no small feat. Building our platform to meet the historical, current and future requirements of data security and privacy adds an additional layer of complexity. Just keeping up to date on the latest can be challenging when even the terminology seems like a bit of alphabet soup! But rest assured – we’re on top of it all. Not only that, we are continuously enhancing our platform to meet the latest privacy and security standards. Here’s a rundown of what these terms mean and why they matter, along with platform updates we’ve implemented to support them:
Single Sign On (SSO) enables you to securely authenticate with multiple applications and websites by logging in only once – just one set of credentials (username and password). These credentials are managed by your organization, which sets the rules for password complexity, reset requirements, and user access. In order to implement single sign on, your IT team will need to partner with Agero to exchange some key parameters. This process is pretty straightforward and can be implemented on Agero Dashboard, Agero Accident Management Dashboard and on Swoop.
Multi-factor authentication is another option for securely logging in to critical applications. With this security system, the user’s identity is verified by requiring multiple credentials. For Agero applications including Swoop, your username and password are the first set of credentials and the email code sent to you is the second. This extra layer protects against phishing and stolen passwords, while elevating security standards. Notably, it does not require any involvement from your IT team; this is already standard for Agero applications and we will be rolling it out to Swoop users beginning in November.
GDPR is a data privacy standard for the European Union that went into effect in May of 2018. It significantly enhances the protection of personal data for EU residents, while increasing requirements for all companies that market products and services in the EU. We added GDPR compliance to the Swoop platform because of our international presence. While it looks like all users are accessing the same Swoop platform, our clients in the EU access different infrastructure than the one used by our US-based clients, and sensitive customer information remains securely stored and accessed in a way that is GDPR compliant.
Similar to GDPR, the state of California put in place a similar standard designed to enhance the privacy rights of its residents. This legislation gives customers more control over their personal information, including the right to know what information has been collected, the right to delete this information, the right to opt out, and protection from discrimination for exercising these rights. This applies to all businesses with over $25M in revenue. We have enhanced our process and platform to support these capabilities. As a result, you may occasionally see personal identifying information removed from the platform.
We value your partnership and we are proud to invest our time and expertise in ensuring that our solutions support both best practices and regulations for data security and the privacy of personal information. Our agile development approach enables us to quickly respond as these standards evolve. Enjoy the ride!
Meet the Author: Roschelle Lowe - Senior Product Manager