Security, Safety, and Screening

Last updated: Wednesday, September 28, 2022
Feel free to contact Reify Joie with any questions, comments, or suggestions.

 
 

Methodology

As a private dungeon located in our home, The Construct has more stringent security and screening policies than other dungeons, clubs, and events that take place in Southern New Hampshire. While the health, safety, security, discretion, and privacy of our guests is of utmost importance, we have taken additional steps to protect ourselves as residential property owners.

The physical, computer, and network security and privacy of The Construct is based on Reify Joie's 25+ years of experience in the fields of corporate events planning, corporate office construction, data center engineering, and cybersecurity engineering.


Guest Screening and Vetting

New guests of The Construct may be asked to provide a copy of their government-issued identification for screening purposes. This policy is similar to other local dungeons, events, and pros that require valid identification, assures that all guests are of legal age, and enables us to background check new guests against public records and sex offender registries.

Simply put, trust is reciprocal. Guests of The Construct can trivially discover our identities by running a public records search against our address, therefore it's only fair that we at The Construct are privy to the identities of our guests. We pride ourselves on our discretion, the identities of our guests will not be revealed unless legally compelled to do so, and we expect reciprocity of the same from our guests.

Friends of The Construct that have been vetted in person may be exempt from additional screening.


Security Cameras

The most overt security measure implemented by The Construct, compared to other dungeons, is the addition of security cameras that monitor our property, living spaces, and the dungeon itself. We are transparent and up front about this fact — if our guests are in the Studio/Dungeon, Aftercare Lounge, Deck, front yard, or driveway, then they are in view of a security camera.

Security footage is automatically overwritten after less than 20 days, and will never be used without the explicit consent of our guests.

Our Decision To Install Security Cameras Is Multifaceted

  • The Construct spans multiple floors and rooms across two buildings on our property. If a dungeon monitor needs to take a break, then security cameras allow us, or trusted guests, to act as temporary dungeon monitors from either the Aftercare Lounge or Deck.

  • We take all consent violation reports seriously. Security cameras help to mitigate the conflicting reports that come from alleged consent violations by providing a temporary record of the incident.

  • The Construct doubles as Reify Joie's commercial photography studio and work-from-home cybersecurity engineering environment. Security cameras are required to monitor the equipment and infrastructure installed at The Construct.

Security Camera Details

  • Ubiquiti UniFi security cameras and network video recorders (NVRs) are secured by enterprise-class two-factor authentication (2FA).

  • Security footage is stored locally on dedicated NVR hard drives, physically under the control of Reify Joie, and is never uploaded to the cloud.

  • Security cameras are either physically connected via wired ethernet, or wirelessly connected via a dedicated, encrypted Wi-Fi SSID and VLAN. This segments security camera traffic on a separate network not utilized by computers or mobile devices.


Encryption of Personally-Identifiable Information (PII)

The Construct uses industry best practices for encryption to protect all PII provided by guests, such as model releases, consent forms, and liability wavers.

Encryption at Rest

All computers and servers in use at The Construct that are capable of full-disk encryption have full-disk encryption enabled.

  • All iOS mobile devices utilize Data Protection.

  • All macOS devices utilize FileVault full-disk encryption.

  • All Linux devices utilize Linux Unified Key Setup (LUKS) full-disk encryption.

  • All Windows devices utilize BitLocker full-disk encryption.

  • All Time Machine backups are encrypted at rest before being encrypted in transit to a local Synology NAS.

  • All Backblaze backups are encrypted at rest before being encrypted in transit to Backblaze's enterprise backup service.

  • No Android devices that process PII are currently in use at The Construct.

Encryption in Transit

Data that is transferred over the internet, or a local area network, needs to be encrypted in transit to prevent unauthorized viewing.

  • All data transferred to or from any server under administrative control of The Construct utilizes TLS or SSH encryption protocols in transit.

  • Contact forms submitted via ReifyJoie.com are encrypted in transit via TLS, and encrypted at rest by our email provider, ProtonMail.com.

  • Email sent by or to Reify Joie or Saccharine Purr from modern email providers that support TLS (ProtonMail, Gmail, Yahoo, Outlook, FastMail, etc.) are encrypted in transit via TLS, and encrypted at rest by our email provider, ProtonMail.com.


Secure Storage of Sensitive Physical Documents

Physical copies of paperwork containing PII, such as model releases, consent forms, and liability wavers, are stored in a locked, fireproof safe. When possible, physical paperwork is securely scanned and encrypted, and then the original is shredded. 18 U.S. Code § 2257 records must be kept as physical paperwork.