At Docitt, securing
your information is our top priority. We are committed to maintaining the
confidentiality, integrity, and availability of the data you maintain on our
site. Docitt’s security program takes an integrated approach to infrastructure,
applications, and processes to provide comprehensive layered protection of all
data. Our primary objective is to provide a secure environment for our
customers to manage their online accounts. Docitt employs leading-edge
technologies, standards, and business practices to protect your personal
Here are some key features of our security
We have deployed a dedicated environment in a highly
secure data center, supported by resilient network architecture.
We employ state-of-the-art encryption technology both
when transmitting and when storing your data.
Firewalls and security monitoring appliances are
deployed throughout our networks for end-to-end protection of our environment.
use a sophisticated toolset, based on industry best practices and
methodologies, that alerts us to possible threats before they can affect
test and certify all our applications and systems for effective security
are subject to frequent internal and external assessments and audits as
part of our continued efforts to improve our security posture.
Here are more details on how we keep you and
your information safe:
All your personal information is transmitted securely
using Transport Layer Security (TLS) technology with the highest
encryption algorithm available today. These same algorithms are utilized
by all of the top U.S. financial institutions. To further protect your
information, we use encrypted session cookies, which are common computer
tools, to help you easily use the site. You know you are protected when
your browser address bar turns green.
When you see the green browser bar, like in the illustration
above, www.docitt.com can be displayed in the area where “Identified by Norton” is
displayed in the example. When you click on that area, it shows you details
about the certificate and verifies that you are on www.docitt.com.
We have enlisted the services of two industry leaders
to verify our security. Symantec is our security certificate provider and
its trusted “Norton Secured” security seal is displayed on our site.
You can read more about Norton Secured trusted security
Your Docitt login is secured using a one-way 256-bit
salted hash, the same security FDIC insured banks are required to use.
Your documents are also encrypted, and they reside in
our secure storage until you choose to delete them.
We don’t transact with your money on the Docitt website
– we are a “read-only” service. No one can manipulate any of the
information in your accounts from within the Docitt Service.
All our employees undergo criminal background checks as
a condition of employment. Access to systems holding your personal data is
strictly limited and constantly monitored.
All information is stored on dedicated hardware in a
secure datacenter which is monitored 24/7 by bonded and licensed security
Physical access to hardware is controlled by
multi-level, biometric authentication.
We have a comprehensive set of information security
policies and operating procedures that are based on the International
Standards Organization (ISO) 27001 framework, which is used by the top
U.S. financial institutions and U.S. Government agencies.
All employees are required to comply with our policies
and participate in regular security training and awareness education.
We adhere to the Payment Card Industry (PCI) standard,
which is the credit card industry standard against which all groups who
process or handle credit cards are tested regularly.
We employ expert
security and compliance officers to certify adherence to our policies. Docitt
regularly has security industry experts perform simulated attacks and
other tests on our systems
ensure the integrity of our security.
Web Site Account Best Practices
When selecting your
“Secret Question” choose answers that are not easily available to someone else.
If your Secret Question is "What high school did you go to," It
is not recommended that you use the high school you attended if it is
posted on your Facebook page. Others will be able to obtain this public
information and answer your security question. A secure way to do this
would be to use a high school you can remember (e.g., a rival high school,
the name of your school district, a high school where you wanted to
attend, or your current child's high school).
Tips for creating a secure password:
Passwords are the
first line of defense to access your Docitt account. We recommend you:
special characters [/.!@# ect.. ].
capital and lowercase letters.
similar looking substitutions, such as the number zero for the letter 'O'
or '$' for the letter 'S'.
a unique acronym-based passphrase, such as Everything Is Going To Be Okay
becomes “E1GtB0” or the first letter of each word from a verse of a song,
such as, “The Stars at night are shining bright,” becomes “Ts@nasb"..
phonetic replacements, such as 'Luv 2 Laf' for 'Love to Laugh'.
Things to avoid:
not use words or acronyms that can be found in a dictionary
not use a password that contains personal information (name, birth date,
not use keyboard patterns (asdf) or sequential numbers (1234).
not make your password all numbers, uppercase letters or lowercase letters.
not use repeating characters (aa11).
Tips for keeping your password secure:
tell your password to anyone (this includes significant others, roommates,
write your password down, unless you plan to place it in secure location
(Safe Deposit Box).
send your password by email.
your password on a recurring basis (Minimum every year, recommended every
a password locker (PWSafe, KeePass, Last Pass, etc.).