All of your written content is backed-up automatically in a continuous way, enabling point-in-time recovery. The backups are stored in Amazon S3, which is designed for 99.999999999% durability. Any files you upload are securely stored on Amazon S3, and covered by the same durability guarantees. Deleted content will cycle out of our backups after 30 days. All customer data is stored in Amazon’s Oregon (USA) data centre.
Our servers are hosted by AWS. Data centre access is limited to AWS employees and servers are physically protected by biometric scanning, security camera monitoring and 24×7 onsite staff to prevent unauthorised entry. All facilities are unmarked to help maintain a low profile, and are independently audited by specialist physical security firms. AWS data centre and network architecture are built to satisfy the requirements of the most security-sensitive organizations. You can download full security overview PDF from AWS.
All of our server software and firewalls are regularly updated, and carefully monitored. Passwords are heavily encrypted within our databases, and can never be seen in plain-text. All data sent to our servers passes through a 256Bit SSL encrypted connection (similar to what banks use).
You have the option to enable 2FA (sometimes called MFA – Multi-Factor Authentication) on your account to provide an extra layer of security. With 2FA once you’ve entered your username and password, an additional piece of information will be needed. This second factor will be generated by your phone and constantly changes every few seconds. So, to access your account you’ll need to know your username and password, and be in physical possession of your phone. This helps protect your content from cyber crime by making unauthorised access to your account much harder.
Our systems are designed to prevent outages happening from single points of failure, even if multiple servers fail. Scheduled maintenance is usually carried out on weekends to prevent disruption during working hours.
All credit card transactions are processed using our secure third-party provider, Recurly. Card information is transmitted, stored, and processed securely on a PCI-Compliant network, please see Recurly’s security details for more information. We do not store or process your credit card information on our servers.
Send us an email and we’ll get back to you as soon as we can.