Quick Summary
Physical and Operational Security
- Infrastructure is physically secure in a SSAE 16 data center
- 24/7 secured site perimeters, digital video surveillance
- Biometric security systems
- 4X geographical distribution for disaster recovery and business continuity
- Security logging and offsite recording of system administrator access activity
- 6-month regular security policy review cycles
Network Security
- Dedicated firewalls on all publicly facing servers
- Encrypted data transfer via HTTPS (256-bit SSL VeriSign® certificate)
- Secure, private sub-net provides a secure connection to transfer data between data centers
- Network IDS/IPS Protection
Application Security
- PCI DSS Level 1 compliance (Level 1 being the most secure)
- Vulnerability scans of all systems ensured for compliance by McAfee
- All system access via Secure Socket Layer (SSL)
- Authentication via multi-master authentication system (LDAP)
- Role Based Access Control (RBAC)
- Password Policy Control; Set Password expiry time, enforce strong user passwords
- Disable user feature- immediately lock down at risk employees
- IP Restriction: Limit users to specific range of IP addresses
Data Security
- All customer data stored securely and kept confidential per the Terms of Service
- All servers include redundant RAID+1 storage devices
- Database servers are multi-site redundant including our LDAP, MySQL and DNS systems
- Project data is backed up within the datacenter (hot) and across all datacenters (cold)

Got further security questions?