The SecureForm service hosts your contact or booking forms on the SSL-enabled FormSentry.comdomain. Clients are able to build, maintain and visually customize forms to match their website. Once active, forms are processed securely over an encrypted connection between their visitors computer and the server. As the submission reaches the server, individual form data is encrypted using an Advanced Encryption Standard and stored in that client's account database for up to 30 Days. Depending on how you have the form configured, the system will email you a copy of the form or notify that a submission has been made.
- SSL Secured Connection
Form data is transmitted to the server over an encrypted, SSL secured connection.
- 30 Day Encrypted Form Storage
All form submissions are encrypted and stored in your client database for 30 days. Because form data is not meant to be saved long term, it will be automatically flushed out after 30 days.
- Customizable Email Delivery
Ability to specify where submission notices are sent for each form and what form data is included.
- Customizable Auto-Response
Ability to set a custom auto-response to users after they submit your form.
- Multiple Forms
Clients are able to create as many forms as they need for their business.
- Easy Form Editing
You will be able to easily add, edit or remove fields within your form.
- Mobile Friendly Version
When accessed by a mobile device, your visitors will automatically be switched to the mobile-friendly version of your form (Pop-up forms only. Does not apply to embedded forms).
- Individual Databases
All clients have their own database, which means that if one account is compromised due to user negligence, it will not effect other clients on the server
Methods of using your SecureForm Service
Method 1: SSL Submission & 30 Day Encrypted Storage Only
With this option, visitors submit their form data over an SSL secured connection from their computer to the server. Once processed, individual form data is encrypted using an Advanced Encryption Standard (AES) and stored in your client account database for 30 Days. Data decryption takes place dynamically in your browser after you login to your client portal. At no point is raw, unencrypted form data ever stored on the server. This option is the most secure and assumes you have your form configured to only send you notice that a submission has been made, with little or no sensitive data being sent with that notification email. To view/decrypt form submissions, you would login to your FormSentry.com Client Portal. For your security and that of your visitors, submissions are automatically deleted after 30 days.
Method 2: SSL Submission, 30 Day Encrypted Storage and Email Delivery
This option includes everything in Method 1 but with the form configured to send you a full or partial copy of all form data via email. Although form data is submitted securely over SSL to the server, this option is less secure unless you are sending to an email address hosted on the server. The reason for this is that individual field data emailed to you will not have that extra level of encryption and will no longer be transmitted over an SSL connection once it leaves the server for delivery to your off-server email address. A recommended configuration with this option is to only have the notification email send non-sensitive data, such as the sender's email address and date/time requested. At that point, you can login to your FormSentry.com account to decrypt and view the full submission. Stored submissions MUST be viewed within 30 days, as they are deleted after that as a security measure.
How a form data is submitted:
- A visitor goes to your contact page and clicks on your Secure Booking Form link, which will open your form in a new window. You also have the option of embedding forms directly within your pages, though a pop-up link is recommended for accessibility to mobile visitors.
- Your secured contact form opens over an encrypted, SSL connection and is submitted securely to the server after they fill out their information and hit send.
- Form data is encrypted using AES and a unique KEY, then stored in your client account database. Depending on how you have the form configured, the system will notify you of a submission or forward a full or partial copy of form data to your email address.