Information Technology (IT), Data & Browser Information
eSchedule is committed to maintaining the privacy and security of our customer’s data. We have implemented several layers of security to protect our customer’s information. This environment includes securing our server, database and application.
eSchedule is a web-based software application (commonly referred to as “cloud” software). There is nothing to install on your local computer(s) and/or network.
eSchedule works well on any web-enabled device with a modern Web browser. We test the software with FireFox, Chrome, Edge and Safari. Internet Explorer (version 10+) is used only to allow for time clock in & out when restricting by MAC address.
Mobile & Tablet Access
eSchedule is mobile-friendly. When logging in to your account from a smartphone, the software will recognize this and offer you the “mobile version”. Users can override this setting and login to the “full” version at any time. When logging in with an iPad or other similar tablet the full version is used.
We’ve contracted with Rackspace to manage and host our application. Rackspace has been serving customers since 1998 and has 190,000 customers across the globe. Physical access to the server is limited to authorized employees controlled by biometrics. Redundant hard drives, daily backups and database logs protect the information from hardware failure. The server sits behind a hardened Cisco firewall, stopping any threats with the industry’s most effective threat protection.
With the exception of scheduled downtime, as of July 2020, eSchedule’s application has been consistently accessible 24/7 over the last 42 months. There have been no unplanned outages or periods of downtime.
eSchedule uses an ASP front-end.
eSchedule runs on a secure SQL database that is also hosted by Rackspace. Direct access is restricted by multiple security measures. The database also sits behind a hardened Cisco firewall.
With regard to accessing the database via the application, only authorized eSchedule employees have access to the view or make changes within the database via the Web.
The eSchedule API allows organizations the ability to connect to our RESTful service. If authenticated, HTTP GET requests can be made. The endpoints return a JSON object containing eSchedule information. Please contact us for more details.
Each eSchedule customer receives a custom and unique URL specific to them. For example: https://yourcompany.myesched.com.
Passwords & Protection of Information
Access to the eSchedule application is protected by a username and password given to each member/employee. Security levels allow our customers to limit the information a member can access based on their role in the organization.
For example, eSchedule Administrators can view and update a member’s profile. CME Administrators have limited access to a member’s profile for purposes of maintaining EMT levels / numbers, clearances and certifications. Members have minimal access to information within the application. A member’s contact information is only shared with the organization if the member has approved it (opted in).
By default, we do not require social security numbers, pay rate or any other sensitive information within the software. However, customers may elect to store such information within their account should they so choose. Other potentially sensitive information that we do capture includes basic contact information such as name, address, telephone number, etc.
SSL is used on all eSchedule accounts/URLs.
If you have additional questions about our security practices, please contact us.