A system for recording foster carers weekly reports. It consists of data entry via mobile apps and a back end delivery system for distribution and administration of the records.
All data held was of an extremely sensitive personal nature and so security was an absolute priority. However the users were extremely non technical and so account recovery and UX design had to account for this.
To ensure the security of data we took the following steps:
- All user accounts were secured using multi factor authentication (MFA) with advanced threat detection.
- All user data was encrypted using AES256 with a key management store using hardware security modules (HSMs) that are validated under FIPS 140-2. We used annual key rotation.
- Encrypt all data locally on device before it is uploaded to the backend. All data is also encrypted at rest.
- Use of Amazon Web Services Guardduty as a security monitoring service that analyses and processes all system logs. This service uses threat intelligence feeds, such as lists of malicious IP addresses and domains, and machine learning to identify unexpected, potentially unauthorised, and malicious activity.
To allow for simple data entry we developed an IOS and Android app for end users. End user reaction was overwhelmingly positive:
Using this app is the first time I’ve felt up to date and able to stay that way easily. It’s a no brainer.
This App seems to solve my recording issues completely. Standing or sitting about waiting for kids has suddenly become productive time!!! Thank you so much.
This is great – have added my 4 and already added parts for this morning. Lifesaver!
You can see the end results of the mobile apps by following the links below.
