Security Information
Music Monitor's Security Measures in Brief
- Music Monitor stores as little sensitive information as possible and does not store any credit card or financial transaction information.
- Our access to your system is with your approval on each occasion, and access to your server is only by a tightly restricted set of our staff.
- Music Monitor runs on regularly updated software and the product itself is regularly updated.
Outline
The software you are using is Claris FileMaker, an Apple-subsidiary database platform used by many developers worldwide.
Alison Carr Solutions is a Claris partner and a Melbourne-based company of 5 people including Alison the developer and support and admin staff.
Music Monitor is a product built by Alison Carr Solutions on the FileMaker platform. It is a comprehensive database for music departments in schools and conservatoriums, featuring holistic student records covering all activities, and user-friendly interfaces for administration staff and music teachers alike.
The file will be hosted by you, on your own system, or by Alison Carr Solutions on our server.
What We Provide
Alison Carr Solutions is a Claris partner and a Melbourne-based company of 5 people including Alison the developer and support and admin staff.
Music Monitor is a product built by Alison Carr Solutions on the FileMaker platform. It is a comprehensive database for music departments in schools and conservatoriums, featuring holistic student records covering all activities, and user-friendly interfaces for administration staff and music teachers alike.
The file will be hosted by you, on your own system, or by Alison Carr Solutions on our server.
What We Provide
- The Music Monitor product including annual updates
- Licenses for the FileMaker software
- Support in the installation, setup and ongoing use of the product
- Optional: hosting of your FileMaker file
- On request: “Music Assist” service, providing temporary onsite management of your Music Monitor installation when you have a staff shortage
Music Monitor Security Measures
General
At Music Monitor we continually monitor and evaluate the data security environment we work in. We discuss and address vulnerabilities as they arise, and we devote time at our annual all-staff meeting to reviewing the changes in the past year.
Data Held
You have control over what data is saved in Music Monitor, and we encourage you to store as little information as possible. But some data will be necessary, such as:
It is also possible for you to use Music Monitor to store much more information if you choose. That can include such things as:
Music Monitor does not process payments or make use of any credit card data.
Access
Music Monitor requires that all users have a user login account registered in Music Monitor. Each login account is assigned a privilege set. The privilege sets make use of FileMaker's 'granular control' feature.
Music Monitor allows you to require two-factor authentication of users logging in, and to require strong passwords. It is your choice to enable these requirements. Music Monitor also offers external authentication. This way passwords and user accounts can be centrally controlled for added security.
Data Security
When set up with a valid SSL certificate, data in transit to and from Music Monitor is encrypted. We will highlight the need for you to put in place a valid SSL during setup, and continue to remind you of the importance if you do not have it in place. It is your choice to take the advice.
At Music Monitor we continually monitor and evaluate the data security environment we work in. We discuss and address vulnerabilities as they arise, and we devote time at our annual all-staff meeting to reviewing the changes in the past year.
Data Held
You have control over what data is saved in Music Monitor, and we encourage you to store as little information as possible. But some data will be necessary, such as:
- Names
- Email addresses
- Contact phone numbers
It is also possible for you to use Music Monitor to store much more information if you choose. That can include such things as:
- Additional contact information including postal addresses
- Resources such as teaching rooms and musical instruments
- Activities such as performances, excursions, and exams
- Customer medical information that may be relevant to their teachers
- Customer billing history relating to the enrolments and any other services that Music Monitor handles
- Customer bank account information if you collect it and choose to store it in Music Monitor
- Staff pay amounts for the work that is scheduled through Music Monitor
Music Monitor does not process payments or make use of any credit card data.
Access
Music Monitor requires that all users have a user login account registered in Music Monitor. Each login account is assigned a privilege set. The privilege sets make use of FileMaker's 'granular control' feature.
Music Monitor allows you to require two-factor authentication of users logging in, and to require strong passwords. It is your choice to enable these requirements. Music Monitor also offers external authentication. This way passwords and user accounts can be centrally controlled for added security.
Data Security
When set up with a valid SSL certificate, data in transit to and from Music Monitor is encrypted. We will highlight the need for you to put in place a valid SSL during setup, and continue to remind you of the importance if you do not have it in place. It is your choice to take the advice.
FileMaker Security Measures
Claris FileMaker is a well-respected platform, an Apple subsidiary with strong security compliance. From their website:
The FileMaker Platform provides a complete suite of tools to help you control data access, operations and development within a FileMaker file, and enable you to help you meet auditing and regulatory compliance requirements, even in shared environments.
Full information is found at https://support.claris.com/s/article/FileMaker-Platform-Security-Overview-1503693058473?language=en_US.
You may also find the page on technical specifications helpful https://support.claris.com/s/article/Claris-FileMaker-2024-Technical-Specifications?language=en_US.
The FileMaker Platform provides a complete suite of tools to help you control data access, operations and development within a FileMaker file, and enable you to help you meet auditing and regulatory compliance requirements, even in shared environments.
Full information is found at https://support.claris.com/s/article/FileMaker-Platform-Security-Overview-1503693058473?language=en_US.
You may also find the page on technical specifications helpful https://support.claris.com/s/article/Claris-FileMaker-2024-Technical-Specifications?language=en_US.
File Hosting Security Measures
Your Music Monitor file can be hosted on your own system, or we also offer a hosting service.
If you host the file yourself, the security of your file is determined by the security of your system, in combination with the above-listed measures.
If we host your file, we will host it in an encrypted form on a dedicated Linux server hosted in Australia, with SSL certificate, offsite backups and 24/7 monitoring. More information about our hosting offer is at https://www.musicmonitor.com.au/cloud-hosting.html.
If you host the file yourself, the security of your file is determined by the security of your system, in combination with the above-listed measures.
If we host your file, we will host it in an encrypted form on a dedicated Linux server hosted in Australia, with SSL certificate, offsite backups and 24/7 monitoring. More information about our hosting offer is at https://www.musicmonitor.com.au/cloud-hosting.html.
Third Party Security Measures
For remote support, we make use of the following applications. They are all well-established platforms with good security credentials. See their linked security information below.
- TeamViewer - https://compliance.teamviewer.com/?%3F=p
- Splashtop - https://www.splashtop.com/security
Our Access to Your System
Our staff have access to your system to support you in using the product, and to perform scheduled updates. Each time we need access to your system, we request it from you and are admitted by you via a remote support app (above), with limited exceptions in place for customers who have requested a different setup.
Only two of our staff have access to your server – Alison the developer and Jonathan for integrations. Our support staff interact by remote access to your staff member’s device, while in conversation with that staff member and with their supervision. Updates are performed at a time agreed with you, and access is granted specifically on each occasion.
We do not generally have any occasion to access your physical equipment. An exception is when we’re providing our “Music Assist” service where, at your request, our staff member operates your Music Monitor system temporarily during a period of staff absence. In this situation, access to your system is provided at your discretion.
Our staff who provide this service have a current Working With Children Check.
Only two of our staff have access to your server – Alison the developer and Jonathan for integrations. Our support staff interact by remote access to your staff member’s device, while in conversation with that staff member and with their supervision. Updates are performed at a time agreed with you, and access is granted specifically on each occasion.
We do not generally have any occasion to access your physical equipment. An exception is when we’re providing our “Music Assist” service where, at your request, our staff member operates your Music Monitor system temporarily during a period of staff absence. In this situation, access to your system is provided at your discretion.
Our staff who provide this service have a current Working With Children Check.
Web Access
Music Monitor is not a web application. You have the option to use FileMaker’s WebDirect option for access to your file. The security setup for WebDirect is addressed in the general FileMaker security setup page at https://help.claris.com/en/security-guide/content/index.html.
Privacy
Our approach to data privacy is informed by and complies with the Australian Privacy Principles.
Our staff adhere to strict confidentiality around the data we have access to in your system, as well as data relating to you the customer. We do not disclose data to any third party unless we are required to do so by law.
Our privacy policy can be found at https://www.musicmonitor.com.au/privacy-policy.html
Our staff adhere to strict confidentiality around the data we have access to in your system, as well as data relating to you the customer. We do not disclose data to any third party unless we are required to do so by law.
Our privacy policy can be found at https://www.musicmonitor.com.au/privacy-policy.html
Other Relevant Policies
Data Access and Use
All Music Monitor staff are bound by an agreement not to use your data for any purpose other than to support your music administrators in carrying out their jobs smoothly and efficiently.
System Updates
Updates to the Music Monitor product are made continually throughout the year. If an update is important for security reasons, we will request all customers to book in a time for a special update, and otherwise new features are installed regularly with the annual update.
All our staff keep our operating systems and relevant software updated, installing updates promptly when they are released. We encourage you to keep your systems updated as well. When we’re supporting you or updating your file, if we see that your copy of FileMaker is not current, we will recommend that you update it.
Data Breaches
Alison Carr Solutions has not suffered a data breach.
In the event of a breach of our system that affected your data, we would notify you immediately by email and would work with the relevant provider to restore security and ascertain the extent of the breach.
All Music Monitor staff are bound by an agreement not to use your data for any purpose other than to support your music administrators in carrying out their jobs smoothly and efficiently.
System Updates
Updates to the Music Monitor product are made continually throughout the year. If an update is important for security reasons, we will request all customers to book in a time for a special update, and otherwise new features are installed regularly with the annual update.
All our staff keep our operating systems and relevant software updated, installing updates promptly when they are released. We encourage you to keep your systems updated as well. When we’re supporting you or updating your file, if we see that your copy of FileMaker is not current, we will recommend that you update it.
Data Breaches
Alison Carr Solutions has not suffered a data breach.
In the event of a breach of our system that affected your data, we would notify you immediately by email and would work with the relevant provider to restore security and ascertain the extent of the breach.
Last Updated: 11 October 2024