Data held by the state is public, and should be. The direct comparison we can make is with our service, where no customer data will ever be public. So how do we protect your data? To start with our infrastructure is hosted on Amazon Web Services (AWS). Hosting your application infrastructure on AWS does not have to imply security, but it’s a platform where all the fundamental tools for securing and protecting customer data exist and where they are easy to audit. A few measures we have taken include only single person access to the encrypted key used to gain read access to the database, IAM users routinely rotate keys and have a limited scope, and a strong password policy for users accessing the console.
Across the U.S., state IT and legislative departments do fantastic work. However, the reality is, in this new digital information age hyper focused on privacy and riddled with uncertainty, assumed private data is anything but private when stored on public servers. If privacy and data protection is on your mind, and you’d like complete access and control of your internal information, it’s in your best interest to use an alternative and secure tool.
For any questions, comments, or feedback regarding data privacy or how the Statehill legislative affairs management platform can help keep your information secure, get in touch at firstname.lastname@example.org.
* Our intent in writing this in no way reflects on the state of Montana data security or privacy, merely, we wanted to bring to light the issue of assumed private information, not being private. All information was acquired in good faith using our own name and email address, we did not operate under any false pretense to attain said information.
* We did not acquire a list from Northwestern Energy as their most current list was dated 2007.