Question: Are QUEST transactions secure?
Answer: All QUEST transactions of data are done in a secure manner. Web transactions use SSL (Secure Sockets Layer) Technology, and file uploads use Secure File Transfer (SSH FTP).
1.5.1 SECURITY DETAIL
To enable employers to securely interface with the QUEST System, the application provides secure access with various features such as an LDAP server using Secure Sockets Layer (SSL) technology.
The QUEST security capabilities include the following elements:
- User Authentication. Performed in conjunction with an industry-standard Active Directory LDAP server.
- Role-Based Security Model. Permissions for a given user are defined by that user's role, allowing the system to restrict the retrieval and dissemination of information appropriately.
- Single Sign-On. Users are authenticated one time and maintain their security credentials throughout their session.
- Authorization/Data Access. These are governed by specific rules on the Active Directory LDAP server. Once a user is allowed access to the system via the Active Directory LDAP server, only the data for which the user is authorized becomes available. Restricting data access through the application to authorized users prevents use of ad hoc data access tools to breach the sensitive Information Tier, thus reducing the risk of malicious data attacks.
- Secure Sockets Layer Technology. Encrypts data to prevent sensitive data from being viewed as it is transmitted via the Internet. All information being transferred across the Presentation Tier is SSL encrypted to protect data including web interfaces implemented via HTTPS and incoming file transfers implemented via secure SSH FTP.
Answer: The Massachusetts Unemployment Insurance Self-Service System design is not to ask employers or applicants for critical information by e-mail or any means other than signing in securely to the system. The system will employ current industry practices regarding safeguarding data and as those practices evolve. Current industry practices deployed are as follows:
Answer: Yes, Agents must register online. Employers then must link an agent to their account and control the agent's level of access on the account.