Form Security
All forms on The Akasha Center for Integrative Medicine are created using Wufoo. Measures taken by Wufoo to ensure form security:
Wufoo has a responsibility to actively pursue security. Currently, we do that on both a code and hardware level (managed by our hosting partner, BitPusher).
* Physical Security - The data center is in a locked building, and entrants need to badge in through two doors to enter the facility. As well as cameras at each entrance to the data center, there are motion sensors that track where each person moves throughout the data center. The space BitPusher manages is separately locked and accessible only to BitPusher and data center staff. The servers themselves are then inside locked cabinets within BitPusher’s space, and only BitPusher staff have access.
* Network Security - There’s an outside routing layer which provides basic filtering (more about handling denial of service attacks than protecting data). All network traffic then passes through one of the (redundant) firewalls, which are heavily locked down and only allow the specific services being made available publicly. Within that, there is a NAT layer, and only public services are defined here. Each BitPusher customer is on a separate VLAN and separated from other customers at this layer.
* Server Security - We follow a large list of best practices to ensure server security. These include only installing needed services, diligent application of security updates/patches, detailed monitoring and file system integrity checking. We also have a very limited set of people authorized to access the servers (except through the public-facing services), with administrative access restricted to BitPusher staff.
* Code Security - In addition to implementing features that increase security, we have to maintain best practices on the backend to ensure your account remains secure. We monitor sessions to restrict access of your account appropriately, and have constructed Wufoo in a way that every account is isolated. Safeguards are in place to try and detect common attacks such as SQL injection and cross-site scripting. Most importantly, we actively review our code for potential security issues (in addition to evaluating all user feedback) so that we can address any issues as quickly as they arise.