Technical Details Regarding Internet Surveys

Overview of the Process
Surveys are programmed using Perl and HTML, and hosted on one of DataStar's high-performance servers. Respondents access the survey via the Internet from their desktop using their Web browser. The survey can be opened directly by entering the Internet address (URL) or it can be reached via a link from a page on an Internet (or Intranet) site or email message. Respondents complete the survey using their mouse and keyboard and click a "submit" button when complete. Their responses are posted automatically to a data file for further processing and tabulation.

Overview of Hardware/Software/Database Specifications
Our surveys run as a custom script-based application written in Perl. The application runs on Sun Microsystems and HP ProLiant servers, Solaris and Red Hat Linux operating systems, and Apache web server.  A proprietary database is integrated with the Web server. Final data may be exported to ASCII, Excel, SPSS or other universal formats.

Browser Support
A minimum of Internet Explorer 6.0 or any W3C standards-conforming browser (Mozilla/Firefox, Safari, Google Chrome, Opera, etc.) is recommended for optimal viewing and functionality. Users of older browsers may experience some cosmetic differences, but should be able to complete our surveys with no loss of functionality. To maximize compatibility, our surveys primarily depend on server-side functions and do not heavily utilize Java, JavaScript, Cookies or other client-side elements which may restrict functionality to a narrower user-base. Our surveys conform to HTML 4.0 and XHTML standards for improved compatibility with wireless and mobile devices, as well as accessibility guidelines..

Design and Navigation Issues
Our designers typically create a survey which integrates backgrounds, colors, fonts, images and other design elements to give surveys the same look and feel as a client's web-site, or other documents or design preferences supplied to us. Survey design is completely flexible to meet particular requirements of each project.

Navigation through the survey is easy and intuitive, and is continually improved based on feedback received from actual survey respondents.  An introductory page will provide detailed instructions to employees about the how to complete the survey.  These instructions have been in use and tested among hundreds of thousands of survey respondents.

Most surveys include a "save and return later" feature, allowing respondents to complete a survey in more than one sitting.  The instruction page will detail this.  At the bottom of each survey page is an "Exit" button, which will save an employees responses and display additional instructions detailing how to return to the survey.  Upon returning, employees are able to continue where they left off, as well as review and/or modify previous responses.

We have managed many multi-lingual Web surveys, in as many as 59 languages at once, including most European languages as well as double-byte Asian and right-to-left languages such as Hebrew and Arabic. There is virtually no limit on how many language choices can be offered for a particular survey.  We have developed technology to handle multi-lingual survey projects in a cost-effective manner through the use of a special template we provide to translators.

User ID and Password Assignment
In a typical survey, a respondent is provided a randomly-generated alphanumeric "return code" which will enable them to return to a previously saved survey.  Alternatively, individualized passcodes, or PINs may be pre-assigned to respondents, and used for verification, identification, and/or to return to a saved survey.  Return codes and/or PINs are typically disabled upon submission of a completed survey.

Often survey passwords are generic, granting access to large groups of people.  The benefit of a generic password is to block access to anyone not invited to the survey. User authentication (validation of passwords) is typically handled by the survey application itself, but we can employ separate HTTP authentication (handled by the browser) if required. HTTP authentication will display a pop-up dialog box before the user can view a page.  The standard procedure is to display an HTML login page asking for the user's password and/or return code.

Respondent-level Security (anonymity and confidentiality)
Except for where personalized access codes are used (i.e., PINs), there is no way to determine who has submitted a survey without the respondent's knowledge.  We do not collect a respondent's name, email address or other identifying information, unless the respondent has chosen to provide that information. The only relevant information which can be collected automatically from the user's environment is an IP address (usually this identifies only an ISP or corporate access point) and browser/operating system version.

SSL technology is used to encode data as it is being sent from a respondent's computer and our own systems, making it nearly impossible for anyone along the path to view responses.  This technology, the same as what is used to provide protection for online credit-card transactions, provides respondents with an added sense of security. Our servers support a minimum of 40-bit encryption (automatically upgraded to 128-bit encryption where supported by the user's browser). 

Server Security
We use an integrated firewell and Linux-based security measures for our Web servers, taking all reasonable precautions to secure against unauthorized system access.  Only authorized staff have passwords to access systems, which are rotated on a regular basis. Data files on servers are always stored outside of WWW-accessible locations. Our local network is likewise protected by firewalls, encryption and multi-factor authenication for added security.

Our servers are located in one of NTT's state-of-the-art facilities.  Physical security measures at NTT's Data Centers include:

Network Performance
Our servers are hosted with NTT, the largest hosting provider in the world. NTT's high performance National Network is fast, reliable and scalable.  It combines key components that are critical to the operation of a state-of-the-art Internet service: a high capacity national backbone, a 24 hour Network Operations Center (NOC) and superior engineering support services:

The NOC provides network monitoring, performance and traffic management. In addition, the NOC serves the National Network with real-time alarming, event correlation, forecasting and notifications of network events. Verio's national engineering group, strengthened by its regional engineering teams, constantly monitors and upgrades network technology whenever and wherever appropriate.

The bottom-line is that, while we can't guarantee 100% stability for either our systems or the flow of data across the Internet (no one can!), rest assured that we take this concern seriously and have taken steps to provide you with the highest level of service possible.

Server Reliability and Performance
We utilize HP ProLiant servers and the Red Hat Linux operating systems, known for their robust ability to handle large amounts of server load.   The servers are connected to NTT's Global Tier One Network, providing fast, efficient and accurate data transport. 

Surveys are fully load-tested to ensure that we have the capacity to handle the expected traffic and maximize response time. We have experience running surveys with over 1 million participants. There is no theoretical limit on concurrent users, as there is no persistent connection maintained between the respondent and the server while a respondent is filling in answers. 

Compatibility with Proxy Servers and Enterprise Firewalls
We utilize no non-standard hardware/software which will prevent integration with proxy servers or enterprise firewalls.   Standard HTTP port 80 is used for non-encrypted access, and port 443 for SSL access.

Handling Internet Access Restrictions
Web-based administration may be one of several options available to make survey completion as convenient as possible for respondents.  Data collected from a Web-based survey is fully compatible with data collected from other sources (paper, telephone, etc.).  In some situations, a shared centralized computer, or kiosk, may be set up to provide Web-based access to those without personal Web access.

In situations where general Web access is restricted, it is usually possible to provide a link on a corporate Intranet page to a URL on one of our servers using an IP address restriction. This allows employees to access DataStar's servers without granting access rights to other Web sites.  The survey itself is still Internet-based, but access is from within the corporate Intranet. 

DataStar, Inc.    85 River Street, Waltham, MA 02453    781-647-7900