📝 Overview
Protecting the security of customer data and of our software is one of our top priorities. We employ numerous measures to deliver industry leading, enterprise-grade security in the cloud.
💡 Click the button below to access our terms.
🔒 Physical Security
We proudly partner with Amazon Web Services, the world’s largest hosting provider. Physical security at Amazon data centers includes:
Perimeter and building access monitored by security personnel and video surveillance
Intrusion detection systems
Access limited to people with legitimate business purpose
📉 Monitoring
We monitor our infrastructure using multiple tools to ensure optimal system performance and availability including:
Amazon Cloud Watch for resource monitoring
System availability and performance monitoring
Monitoring for unauthorized access attempts
🏙️ Infrastructure
Our infrastructure is built on industry-leading core security services provided by Amazon. These services meet or exceed the industry’s top security ratings and standards, including HIPAA. In addition, we employ the following measures system performance and availability including:
Servers run hardened Linux with regular patching
Multiple firewalls with strict security group access control lists
Public/private key authentication for server access
Bastion server access controls for all servers
All login activity is logged and reviewed regularly
🗝️ Data Encryption
All data that is transmitted between our servers to a browser is encrypted using HTTPS/SSL. Our software forces secure browser connections to ensure that data can only be transmitted in encrypted format. Our SSL configuration is regularly audited and configured to ensure that it is optimized. Only the strongest security protocols and encryption cyphers are used. Weak or compromised security ciphers are actively removed. Our SSL configuration receives an A+ rating by Qualys, Inc., an independent security firm. A copy of the results is available here.
🌊 Disaster Recovery
Our infrastructure is designed to handle a variety of failures, including server failures, rack failures, network switch failures, power outages and complete datacenter failure. To minimize the impact of a disaster on our customers, we implement several processes including:
Writing data to multiple disks in multiple data centers
Backing up all disk volumes nightly
Logging database transactions for point-in-time recovery
Ability to redeploy application stack and data within minutes
Using load balancers to automatically circumvent failures
❓ Frequently Asked Questions (FAQs)
Find answers to common questions or additional details that may not be covered in the main instructions.
Click the arrow to view frequently asked questions
Click the arrow to view frequently asked questions
How do you protect customer data and secure your platform?
Click the arrow to see the answer
Click the arrow to see the answer
We use enterprise-grade security through AWS, including hardened Linux servers, firewalls, strict access controls, key-based authentication, and regular activity logging. Our infrastructure meets or exceeds top industry standards, including HIPAA.
How is your hosting environment physically secured?
Click the arrow to see the answer
Click the arrow to see the answer
Our platform is hosted by AWS data centers with 24/7 monitoring, security personnel, video surveillance, intrusion detection systems, and tightly controlled facility access.
How do you monitor for performance and security threats?
Click the arrow to see the answer
Click the arrow to see the answer
We use tools like Amazon CloudWatch to monitor system performance, availability, and unauthorized access attempts. All login activity is logged and regularly reviewed.
How do you handle data encryption and disaster recovery?
Click the arrow to see the answer
Click the arrow to see the answer
All data is encrypted via HTTPS/SSL with an A+ rated SSL configuration. We maintain nightly backups, multi-data center redundancy, point-in-time recovery, and rapid redeployment capabilities to ensure business continuity.