Key information on EasyRx Security
The security of your information is vital in our success as a business. Below are some details on our security practices. EasyRx requires all traffic to be encrypted in both directions, uses 128-bit AES, supports TLS 1.2 for all transactions, and uses the DHE_RSA key exchange algorithm.
Additionally, we proactively monitor the security community’s findings and work promptly to upgrade the service to respond to new vulnerabilities as they are discovered.
Payment Data Security
External Security Audits
We contract with credible, external security firms who perform regular audits of EasyRx to verify that our security practices are sound and to monitor the service in light of new vulnerabilities discovered by the security research community. Our site is also monitored and certified by the globally recognized McAfee SECURE service to ensure a safe browsing environment.
Internal Security Audits
Our development team regularly analyzes the EasyRx domain as well as login portal behaviors to proactively address any potential threats. We track an extensive audit log to view: Failed and successful logins, password reset requests, edited and deleted invoices, edited and deleted prescriptions, and downloaded content. All logs contain IP, email, and login data. This information is kept confidential and is only shared with the proper entities when warranted.
Secure Physical Location
As of June 2016, we’ve migrated to Amazon Web Services Platform: An ultra-reliable and secure managed cloud hosting platform. You can learn more about Amazon Web Services at their site: https://aws.amazon.com/
We understand that you rely on EasyRx to work. We’re committed to making EasyRx a highly-available, ultra-reliable service that you can always count on. We build systems that tolerate the failure of individual computers or whole data centers, keeping many copies of your data online for redundancy, practice disaster-recovery measures often, and always have staff on-call to quickly resolve unexpected incidents.