Data Security

Last updated: 06/23/2020

We work tirelessly to keep your data as secure as possible. We implement the following procedures and best practices to the best of our abilities and are constantly looking to improve our security:

We leverage cloud firewall security to protect against external threats and DDoS attacks (see Cloudflare below)
Our servers are managed by a best-in-class security vendor (see DigitalOcean below)
All sensitive data is stored at rest using bank level encryption (AES 256 GCM)
Passwords are one-way hashed (can't be decrypted) and require email verification to update
Configuration keys/passwords for the production environment are not stored in any public/private repositories, and are maintained only by a very limited group of senior employee(s).
Database is locked down by firewall with extremely strict access
Servers have no root access
Server and codebase libraries are kept up to date as security holes are discovered (if any)
The database has no direct SSH access and is managed by a top-level secure third party (see DigitalOcean below)
All servers require HTTPS access only. TLS 1.2 is used wherever possible
Client communication after login utilizes secure, limited use cookie hash communication

This list may not be inclusive of all security best efforts being used. We regularly audit our security measures and are constantly looking to improve them as needed.

Vendor security we rely upon:
Cloudflare
DigitalOcean