Magpi takes the security and the safety of your data very seriously. We use the best tools and engineering practices available to build and maintain the Magpi system, and we have a dedicated team making sure that the system is secure. All Magpi data is stored securely and backed-up in at least two locations at least daily – though you are responsible for regularly downloading or otherwise backing up your data independently. Your account login is protected by many layers of security including password verification.
Other Magpi users can’t see the data for any of your forms in Magpi, or your account data, unless you deliberately give them the privileges to do so (via the Sharing tab). Note that forms (ie, the questions and logic) are visible by default to all users of the Magpi system, unless you specifically make the forms private (via the Properties tab).
More technical information:
- The Magpi website and client software are constantly being evaluated and hardened to enhance security and protect against attacks.
- Full-device encryption can be accomplished on Android, and iPhone platforms using the built-in tools for each of those platforms (on the iPhone, this is a 1-minute process).
- While most Magpi users utilize the internet (e.g. GPRS, 3G, wifi, etc) to download forms to mobile devices, and to upload data, it is possible to enter data from any phone by SMS, or to upload data from the Symbian app by SMS, or to send information by SMS. The data in those cases is not encrypted, and this is therefore the least secure way to transmit information.
- Public files are only viewable by people who have a link to the files.
- Magpi uses AWS cloud-based storage in the EU for data storage. You can find more information on AWS Security.
- Magpi uses modern encryption methods to transfer your data, including Secure Sockets Layer (SSL) and AES-256 bit encryption (with the exception of data transmitted by SMS). Like your bank, Magpi utilizes the Extended Validation SSL (EV-SSL) certificate, identifiable by the green notice in your URL bar, which incorporates:
- 256 bit encryption
- Daily website malware scanning
Revised October 2018