SignupSentinel

Security

Security at SignupSentinel

At SignupSentinel, we prioritize the security of our platform and the data we manage. Our commitment to security is comprehensive, encompassing infrastructure, application, and user data protection. Below is an overview of the measures we take to ensure that your data is safe and secure.

Data Handling and Protection

  • Minimal Data Collection: We collect only the information necessary to provide our services effectively. By minimizing data collection, we reduce potential risks.
  • Encryption: All data is encrypted both at rest and in transit using industry-standard encryption protocols, ensuring that your information is protected from unauthorized access.
  • Data Access Controls: Access to sensitive data is restricted and managed through strict access controls. Only authorized personnel can access this data, and only when necessary.
  • Data Retention and Deletion: We retain user data indefinitely, allowing you to keep records for security audits or other purposes. However, we respect your privacy and offer data deletion upon request.

Application Security

  • Automated Security Audits: We run security audits using tools like Brakeman and Bundle-Audit on every deployment. These tools are integrated into our continuous integration pipeline via GitHub Actions, ensuring that vulnerabilities are identified and addressed promptly.
  • Patch Management: We are committed to responding to any legitimate vulnerabilities as quickly as possible. Our automated systems detect and apply security patches in real-time, minimizing the window of exposure.

Infrastructure Security

  • AWS Security: We leverage Amazon Web Services (AWS) to host our platform, utilizing its robust security features, including Virtual Private Clouds (VPCs), Security Groups, and Web Application Firewalls (WAF). We also use AWS CloudWatch for monitoring and automated notifications if any suspicious activity is detected.
  • Regular Backups: Automated backups are performed regularly through AWS to ensure data integrity and availability. In the event of a disaster, we have a clear data recovery process to restore your information swiftly.

Third-Party Integrations

  • Secure Integrations: We integrate with trusted third-party services like Stripe for payment processing, GitHub for source control, AWS for hosting, and Google Analytics for user behavior tracking. Each of these services is carefully evaluated to ensure they meet our stringent security standards.

User Security

  • Multi-Factor Authentication (MFA): We offer MFA to provide an additional layer of security for your account. This optional feature enhances protection by requiring a second form of verification.

Continuous Monitoring and Improvement

  • Proactive Monitoring: Our systems are under continuous monitoring to detect and respond to any unusual activity. AWS CloudWatch and other monitoring tools help us maintain a secure environment.
  • Responsive Security Patching: Our approach to security is proactive. We apply patches and updates as soon as they become available, ensuring that our platform remains secure and up-to-date.

At SignupSentinel, we understand that security is an ongoing process. We remain vigilant, continually improving our security measures to protect our users and their data.

For more information or any concerns regarding security, please contact us at help@signupsentinel.com.