We are working on a new Best Practices Guide that will outline steps that you can take to keep your account secure.  This guide is coming soon. For now please review these  key best practices below:

  • Use SSL (Form Designer > Settings > Security) on all your forms and workflows for secure transmission of data
  • Use encryption at the field level for sensitive data to protect it at rest
  • Never share your account password
  • Never send ANY sensitive information via email, use LogiDecrypt or a workflow or sub-user account to access the data over SSL
  • Store your Private Key on a USB drive away from your computer. Consider storing it in a fireproof safe.
  • Change your password every 90 days (automatically enforced)
  • Use a strong password (automatically enforced)
  • Use Account Security >  IP restrictions to restrict access to your account when possible (to your home or work)
  • When collecting credit cards, use a real time processing gateway partner (like Stripe or Authorize.net) tp process the payment and avoid storing the card
  • Never collect the CV2 card number. It is against PCI compliance to EVER record that number
  • Enable PDF Encryption and Attachment Directory security if you are storing sensitive files or PDFS
  • When using Respondent Update Mode, ensure the “Enforce Password Strength” option is enabled.
  • Monitor sub-user and workflow session logs for any unusual activity