Confidentiality is an essential consideration in 360 degree feedback process. Raters often fear exposure and retribution if their ratings are disclosed. Therefore if the confidentiality of the process is not perceived by raters, their willingness to provide a frank assessment of the subject is compromised and the value of the feedback received is distorted. The exception is supervisors who are distinguished as a single rater group.
Confidentiality is maintained for direct-reports, peers, customers and others through:
- Raters are selected by the organisation, not by the subject
- Surveys are conducted through a secure https survey link
- There is strong user-level security access to the survey system
- There is no admin panel to interrogate individual responses from raters
- The report groups like raters together as one data set
- Rating groups with less than three raters are not reported
- An external organisation holds the data and is subject to a confidentiality agreement
SurveyMaster360 is hosted on Amazon’s EC2 platform at their Sydney Data Centre. With EC2 we can control the geographical location of instances, and that allows for latency optimisation and high levels of redundancy. The auto-scaling feature of EC2 allows it to automatically adapt computing capacity to site traffic.
The application is initially protected by AWS’s firewall which is equipped to counter regular DDoS attacks and other network related intrusions. The second layer of protection is our own application firewall which monitors against offending IPs, users and spam. While the application can be accessed only by users with valid credentials, it should be noted that security in cloud-based products is a shared responsibility between the company and the businesses who own those accounts on the cloud. In addition to making it easy for administrators to enforce industry-standard password policies on users, our products also come with features aimed at securing business data in the cloud:
- Configuring secure socket connections to portals
- Leveraging SAML and custom single sign-on
- Whitelisting IPs for exclusive access
- Identity management via Google and Facebook credentials
- Custom email servers, etc.
It should be noted that all account passwords that are stored in the application are one-way hashed and salted.
We use a multi-tenant data model to host the application. The application is serviced from an individual virtual private cloud, and each customer is uniquely identified by a tenant ID. The application is engineered and verified to ensure that it always accesses data only for the logged-in tenant. Per this design, no customer has access to another customer’s data. Access to the application by our development team is also controlled, managed and audited. Access to the application and the infrastructure are logged for subsequent audits.