Great Data Demands Really,
Really Great Security
SOC 2 Type II
How our enterprise-level security works
Encryption and privacy
We follow best practices and regulations in protecting customer data, including preparing for GDPR in 2018. We also encrypt everywhere: at motion, at rest and in stored backups.
Intrusion Detection Systems (IDS), Web Application Firewall (WAF), and 24/7/365 log monitoring and alerting provide continuous visibility and early incident detection.
Internal and third-party assessments & testing
Regular penetration testing of the network and app, and third-party focused vulnerability assessment against OWASP top 10 software threats.
Strong password management practices. We implement need-to-know and least privilege in granular management of permissions and access right.
We host data across best-in-class data centers for fault-tolerance and fallover. Backups provide for 99.999999999% durability. Hosted data is guaranteed at 99.9% uptime. That’s a lot of nines.
We guarantee 99.5% uptime (minimum) in our product. Our agile methodology results in infrequent maintenance windows.