TeamUnify/SportsEngine Studio websites and data security
TeamUnify hosts the TeamUnify corporate website (teamunify.com), SportsEngine Studio corporate website (sportsenginestudio.com), TU swim team websites, and SE Studio sports team websites. We collectively refer to these as TU/SES websites.
TeamUnify uses commercially-reasonable physical, electronic, and managerial security measures to assist in protecting against the loss, misuse, and alteration of personal information that is under our control. When the TeamUnify website, SE Studio website and/or any sports team websites are accessed using IE 10 or later, FF 35.0 or later, Chrome 35.0 or later, or Safari 8.0 or later, a combination of Secure Socket Layer (“SSL”) technology and Transport Layer Security ("TLS") protects your personal information using both server authentication and data encryption. These technologies help ensure that your personal information is safe, secure, and only available to you through use of your username and password. TeamUnify hosts the TU/SES websites in a secure server environment that uses firewalls and other advanced technology to prevent interference or access from outside intruders. TeamUnify also offers enhanced security features that permit customers to configure security settings to their level of comfort.
Here are additional security measures we take.
Amazon Web Services
Security starts with the server infrastructure—the actual hardware and network in the data center. The SE Studio platform runs on Amazon Web Services, the same cloud computing platform which powers Amazon.com and other major internet sites. We are moving the TeamUnify platforms to run on AWS as well.
Our production equipment is collocated at a facility that provides 24-hour physical security, redundant electrical generators, and other backup equipment designed to keep servers continually up and running.
TeamUnify leverages encryption products to protect customer data and communications with GoDaddy SSL certificates, which include SHA-2 and 2048-bit encryption. The lock icon in the browser indicates that data is shielded from access while in transit.
Customers access the TU/SES team websites only with a valid and unique user name and password combination, which is encrypted via SSL while in transmission. Once authenticated, your connection to https://www.teamunify.com or https://www.sportsenginestudio.com is encrypted using a modern cipher suite utilizing TLS 1.2. Customers are prevented from choosing weak or obvious passwords. Customers must enter their user name and password for each log in.
TeamUnify issues a session cookie only to record encrypted authentication information for the duration of a specific session. The session cookie does not include either the username or password of the customer. TeamUnify does not use session cookies to store other personal information or session information, but instead implements more advanced security methods based on dynamic data and encoded session IDs.
Operating System Security
TeamUnify provides operating system-level security by using a minimal number of access points to all production servers. We protect all operating system accounts with strong passwords, and production servers do not share a master password database. All operating systems are maintained at each vendor's recommended patch levels for security and are hardened by disabling and/or removing any unnecessary users, protocols, and processes.
Whenever possible, database access is controlled at the operating system and database connection level for additional security. Access to production databases is limited to a number of points, and production databases do not share a master password database.
Server Management Security
TeamUnify employees do not have direct access to the TeamUnify production equipment, except where necessary for system management, maintenance, monitoring, and backups. The TeamUnify engineering team provides all system management, maintenance, monitoring, and backups.
Special notice regarding the security of TeamUnify's OnDeck and SE Studio Mobile software applications:
Data downloaded into either the SE Studio Mobile and/or OnDeck applications is not secure and is at risk for potential inadvertent use by a non-authorized person that takes possession of the device on which one or both of the applications has been installed. Both OnDeck and SE Studio Mobile application requires that a User Login be entered every time a customer wants to use the application to help improve protection of the data that is stored within the OnDeck and/or SE Studio Mobile application database that resides on the device. However, a customer may set a preference once signed in that will remember the password by automatically populating the password field. Setting this preference is not recommended and will make the device less secure. Customers will be warned of this again when they go to set the user preference. Customers are solely responsible for protecting the security of their devices and the downloaded data on their device. TeamUnify is not responsible or liable for the loss of a device and the stored data and/or inadvertent use by another party.
Unfortunately, no data storage system, or system of transmitting data over the Internet, can be guaranteed to be 100% secure. As a result, we cannot guarantee the security of our servers or any personal information provided to us in connection with your use of the TU/SES websites.
For independent verification of our SSL security, enter our domain name (teamunify.com or sportsenginestudio.com) at the SSL Server Test site.
Auto pay security