Questline understands the importance of protecting customers’ data in the utility industry. We’ve worked hard to stay current and put policies in place to ensure we are adhering to industry standard data security procedures.

  • The Questline production environment runs on top of Amazon Web Services (AWS - https://aws.amazon.com/security/) and adheres to industry standard best practices regarding security in the cloud. 
  • Questline performs an annual intrusion vulnerability assessments and remediates any issues discovered.
  • All Questline data is encrypted at rest using file/block level encryption (enabling compliance with HIPAA-HITECH, PCI-DSS, FISMA, EU Data Protection Directive and other data security regulations) with cryptographic keys stored separately along with a broad range of policies for object authorization, expiration, revocation, and retrieval limits.
  • Questline holds a 10mm Cyber Insurance policy against data theft/data breaches
  • Questline completed a SOC2 Audit, focusing on security, availability and confidentiality.
  • All Questline applications are secured using industry standard 2048 bit SSL encryption.
  • Questline maintains documented policies and procedures regarding IT Best Practices, i.e. Data Retention Policy, Asset Classification, Removable Media Policy, BYOD, Disaster Recovery, Business Continuity, etc.
  • All Questline Security Policies and Procedures are reviewed and signed off on by Questline Management quarterly.
  • All Questline employees are required to go through security awareness training on an annual basis.
  • Questline has been audited by many client utilities. These audits include custom security reviews as well as ISO 27001 reviews.