Our Commitment to Security
Data at Rest Encryption
We’ve always supported SSL as a way to encrypt data as it travels over the internet. In addition to this, we now support “data at rest encryption”. This means that even if a hacker managed to penetrate our systems, the data inside would be of no use to them.
Our internal code review processes include a security review. If a vulnerability is found, we address it by deploying the updated code immediately. This year, we contracted a 3rd party security expert (a ‘white hat’ hacker) to conduct a thorough audit of our software and system infrastructure security. We also undergo audits by prospective customers and by members of our open source community. Our code is heavily scrutinized to ensure the best possible security for your data.
Unfortunately, sometimes security violations are committed by people who have legitimate access to a service. To help combat this, we’ve introduced a searchable event log. In the event of a security violation, it’s now simple to discover who was responsible for various actions.
Upgraded Denial of Service Protection
Distributed Denial of Service (DDoS) attacks are an increasingly common problem in internet security. The attacks involve targeting servers a flood of empty requests in an attempt to overwhelm them with traffic. We’ve recently upgraded our DDoS protection, allowing us to handle multi-gigabit attacks.
These recent security improvements are in addition to our existing security features. For a complete overview, please see our security overview datasheet here.
*Please note that these features are not available on all subscription plans.