We know how important your personal information is, which is why we employ some of the most advanced technology for Internet security available today. When you access our site through HTTPS, sensitive information you send (such as passwords) is encrypted using the industry standard TLS (Transport Layer Security) protocol, commonly called SSL (Secure Sockets Layer), ensuring your data is safe, secure, and available only to authorized users in your organization.

We also provide each user with a unique username and password that must be entered each time a user logs in. The password is hashed with PBKDF2, and the login information can be used to reliably track which user account triggered an action within the software. All customer data is stored with Amazon RDS Encryption, which ensures that everything is encrypted at rest, including the underlying storage for the database as well as any backups or replicas of the data.

In addition, we store customer data in a secure server environment utilizing Amazon Web Services or AWS. AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means.

Here are some answers to frequently asked questions regarding security:

1. Do you store payment information like credit card numbers? 

We do not store payment information on our servers. Instead, we use tokenization with our payment processing partner, Stripe. Our customers use only the token to retrieve, access, or maintain their customers' credit card information. Meanwhile, their customers' real card data is stored with Stripe at a highly secure, offsite location. Tokens have no meaning by themselves and are worthless to criminals if a company's system is breached in any way.

Stripe is certified as fully compliant with the PCI DSS. The PCI DSS covers 12 major categories of information security, including network design, data storage, intrusion monitoring and the use of security-aware IT policies.

2. What are your security policies and procedures for accessing the physical location of your data / server center?

All servers are running in Amazon Web Services (AWS). AWS data centers are housed in nondescript facilities. Physical access is strictly controlled both at the perimeter and at building ingress points by professional security staff utilizing video surveillance, intrusion detection systems, and other electronic means. Authorized staff must pass two-factor authentication a minimum of two times to access data center floors. All visitors and contractors are required to present identification and are signed in and continually escorted by authorized staff.

3. Are external connections to your website secured?

All traffic goes through a secure HTTPS (Hypertext Transfer Protocol over SSL/TLS) connection. When you access our site through HTTPS, sensitive information you send, such as passwords and bank account numbers, is encrypted using the industry standard TLS (Transport Layer Security) protocol, commonly called SSL (Secure Sockets Layer), ensuring your data is safe, secure, and available only to authorized users in your organization.

4. What Security (encryption) protocols are in place to protect the access to the application, data and network?

We protect all passwords, all traffic, and all personally identifiable information (PII) we store using industry standard practices. Specifically, all passwords are hashed with PBKDF2. HTTPS traffic is encrypted with TLS, using a certificate with a 2048-bit key that is signed with SHA-256. The entire database is also encrypted at rest, which prevents any data from being read directly from the database's underlying storage or from the database backups without the proper encryption keys.
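The page says passwords are hashed with PBKDF2 but does not publish the hash function, salt size or iteration count. The following is an added illustration of what a PBKDF2 password store looks like in practice, not Outseta's own code: a per-user random salt, the parameters stored alongside the derived key so they can be raised later, constant-time comparison on verification, and a check that tells you when an old record should be re-hashed under a stronger policy. The parameter values are assumptions.

```python
import base64
import hashlib
import hmac
import os
from typing import Optional

# Assumed parameters (illustrative; the page names PBKDF2 but not these values).
HASH_NAME = "sha256"
ITERATIONS = 600_000
SALT_BYTES = 16
DERIVED_KEY_BYTES = 32


def _b64(raw: bytes) -> str:
    return base64.b64encode(raw).decode("ascii")


def hash_password(password: str, iterations: int = ITERATIONS, salt: Optional[bytes] = None) -> str:
    """Return a self-describing record: algorithm$iterations$salt$derived_key.

    A fresh random salt per password means two users with the same password get
    different records, and precomputed tables are useless against the store.
    """
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    dk = hashlib.pbkdf2_hmac(HASH_NAME, password.encode("utf-8"), salt, iterations,
                             dklen=DERIVED_KEY_BYTES)
    return f"pbkdf2_{HASH_NAME}${iterations}${_b64(salt)}${_b64(dk)}"


def verify_password(password: str, record: str) -> bool:
    """Recompute PBKDF2 with the parameters stored in the record; compare in constant time."""
    try:
        algo, iterations_str, salt_b64, dk_b64 = record.split("$")
        if algo != f"pbkdf2_{HASH_NAME}":
            return False
        salt = base64.b64decode(salt_b64)
        expected = base64.b64decode(dk_b64)
        iterations = int(iterations_str)
    except (ValueError, TypeError):
        return False  # malformed record: treat as non-matching rather than raising
    candidate = hashlib.pbkdf2_hmac(HASH_NAME, password.encode("utf-8"), salt, iterations,
                                    dklen=len(expected))
    # hmac.compare_digest avoids leaking how many leading bytes matched via timing.
    return hmac.compare_digest(candidate, expected)


def needs_rehash(record: str, minimum_iterations: int = ITERATIONS) -> bool:
    """True when a stored record uses fewer iterations than the current policy.

    Call this after a successful login so old records are upgraded transparently.
    """
    try:
        _, iterations_str, _, _ = record.split("$")
        return int(iterations_str) < minimum_iterations
    except ValueError:
        return True


if __name__ == "__main__":
    rec = hash_password("correct horse battery staple")
    print(rec)
    print("verify ok:", verify_password("correct horse battery staple", rec))
    print("verify wrong:", verify_password("wrong password", rec))
```

Storing the iteration count inside each record is what makes a later policy change painless: verification always uses the count the record was created with, and `needs_rehash` flags records that fall below the new minimum.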

5. Identifying, monitoring, and responding to security incidents

The development team has been part of building complex systems for a number of companies that have gone through security assessments, security bug bounty programs, and penetration tests, and those learnings have gone into how Outseta has been built and updated over time. Outseta’s software dependencies are monitored for when they are reported to have security vulnerabilities and need to be updated. Significant or potentially risky changes are peer reviewed before being released.

Outseta monitors a number of production metrics to identify and alert on anomalies. These range from unusual network traffic and error frequency to unusual CPU and disk usage. We also recognize when a single customer is generating a high volume of requests, which may be a sign of something unexpected occurring.
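As an added example of the "single customer generating a high volume of requests" check, and not Outseta's own monitoring code, the snippet below counts requests per customer in fixed one-minute windows over a few constructed log lines (the log format is invented for the example) and flags a customer whose count is far above the other customers in the same window. It combines an absolute ceiling with a robust median/MAD comparison so that one noisy tenant cannot drag the baseline up for everyone else; the threshold values are assumptions.

```python
import re
from collections import Counter, defaultdict
from datetime import datetime, timedelta
from statistics import median

# Constructed access-log lines in a simplified, invented format.
# Three customers make a handful of requests in one minute; a fourth makes 40.
_CUSTOMER_COUNTS = [("acme", 4), ("globex", 5), ("initech", 3), ("hooli", 40)]
SAMPLE_LOG = [
    f"2024-05-01T10:00:{sec:02d}Z customer={cust} path=/api/v1/people status=200"
    for cust, n in _CUSTOMER_COUNTS
    for sec in range(n)
] + ["this line is malformed and must be skipped by the parser"]

LOG_LINE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z) "
    r"customer=(?P<customer>\S+) path=(?P<path>\S+) status=(?P<status>\d{3})$"
)
ORIGIN = datetime(1970, 1, 1)


def parse_log(lines):
    """Return (timestamp, customer) pairs; malformed lines are skipped, not fatal."""
    events = []
    for line in lines:
        m = LOG_LINE.match(line.strip())
        if m is None:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["customer"]))
    return events


def requests_per_window(events, window=timedelta(minutes=1)):
    """Count requests per customer per fixed window, keyed by window start."""
    counts = defaultdict(Counter)
    for ts, customer in events:
        bucket = ORIGIN + ((ts - ORIGIN) // window) * window
        counts[bucket][customer] += 1
    return counts


def flag_noisy_customers(window_counts, absolute_limit=30, mad_factor=6.0):
    """Flag (window, customer) pairs whose request count is anomalous.

    A customer is flagged when it exceeds an absolute ceiling, or when it sits far
    above the median of all customers in that window measured in units of the
    median absolute deviation (MAD), which a single outlier cannot inflate.
    """
    flagged = {}
    for bucket, per_customer in window_counts.items():
        values = list(per_customer.values())
        med = median(values)
        mad = median(abs(v - med) for v in values) or 1.0  # avoid a zero spread
        for customer, n in per_customer.items():
            if n >= absolute_limit or n > med + mad_factor * mad:
                flagged[(bucket, customer)] = n
    return flagged


def noisy_customers(lines):
    """Convenience wrapper: the set of customer names flagged in any window."""
    flagged = flag_noisy_customers(requests_per_window(parse_log(lines)))
    return {customer for (_, customer) in flagged}


if __name__ == "__main__":
    for (bucket, customer), n in flag_noisy_customers(
            requests_per_window(parse_log(SAMPLE_LOG))).items():
        print(f"{bucket:%Y-%m-%d %H:%M} customer={customer} requests={n}")
```

On the sample data the median is 4.5 requests and the MAD is 1.0, so the comparison threshold is 10.5; only `hooli` (40 requests) is flagged, and the other three tenants stay well inside the normal band. In production the per-window counts would come from the metrics pipeline rather than from raw log lines, but the decision logic is the same.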

Securing access to customer-related data (through the AWS management console, direct DB access, admin / user panels, MFA, and so on)

6. How do you secure access to customer related data aside from credit card information?

Customer-related data is accessible by people performing support functions through the administration website. This is the same administration website that Outseta’s customers use to manage their data.

Only Operations personnel have access to the production environment, and therefore direct access to the servers and customer data. This access, through the AWS management console, is controlled by MFA.

7. How do you secure the networks and devices that customer data can be accessed from?

The administration website can be accessed from anywhere. Connections from new locations are logged and reviewed to ensure that access from an Outseta login account is expected.

Access by Operations personnel to production environment data is restricted to previously established networks.

8. How do you protect and retain customer data?

While the data for Outseta’s customers is stored within shared infrastructure, all access to the data is tied to a unique customer identifier, derived from the subdomain through which the Outseta API is accessed. Data for an Outseta customer is retained for one year after the customer lets their subscription expire. After that point, data that is not relevant to Outseta’s operations and reporting requirements is deleted. Customer data will also be deleted on request.
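The answer above describes tenant isolation on shared infrastructure keyed by the API subdomain. The following is an added example, not Outseta's code, of how such a lookup is typically enforced: the tenant is taken from a strictly validated Host header (one label, the expected base domain, optional port, nothing trailing), checked against a registry of known tenants, required to match the tenant the caller's session was issued for, and then used to scope every data access so a record belonging to another tenant is indistinguishable from one that does not exist. The base domain, tenant registry, data store and the session-tenant check are all assumptions for the example.

```python
import re
from typing import Dict

# Placeholder base domain for the multi-tenant API (not a real Outseta hostname).
BASE_DOMAIN = "example-saas.test"

# Constructed tenant registry and data store; in a real deployment these are database tables.
KNOWN_TENANTS = {"acme", "globex"}
PEOPLE: Dict[str, Dict[str, str]] = {
    "p-1": {"tenant": "acme", "email": "ann@acme.example"},
    "p-2": {"tenant": "globex", "email": "gil@globex.example"},
}

# Exactly one DNS label, then the base domain, an optional port, and end of string,
# so "acme.example-saas.test.attacker.example" does not match.
HOST_RE = re.compile(
    r"^(?P<sub>[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)\."
    + re.escape(BASE_DOMAIN)
    + r"(?::\d{1,5})?$"
)


class TenantError(Exception):
    """The request cannot be attributed to a valid tenant."""


def tenant_from_host(host: str) -> str:
    """Derive the tenant from the Host header, accepting only registered tenants."""
    m = HOST_RE.match(host.strip().lower())
    if m is None or m["sub"] not in KNOWN_TENANTS:
        raise TenantError("unknown or malformed tenant host")
    return m["sub"]


def get_person(host: str, session_tenant: str, person_id: str) -> Dict[str, str]:
    """Tenant-scoped record lookup.

    The tenant from the URL must agree with the tenant the session was issued for,
    and the row's own tenant column is checked too, so a valid login for one tenant
    cannot read another tenant's records by changing the subdomain or the id.
    """
    tenant = tenant_from_host(host)
    if session_tenant != tenant:
        raise TenantError("session does not belong to this tenant")
    row = PEOPLE.get(person_id)
    if row is None or row["tenant"] != tenant:
        # Same error for "missing" and "belongs to another tenant" so the response
        # does not reveal that the identifier exists elsewhere.
        raise LookupError("person not found")
    return row


def access_result(host: str, session_tenant: str, person_id: str) -> str:
    """Outcome label suitable for an audit log: ok, tenant_error or not_found."""
    try:
        get_person(host, session_tenant, person_id)
        return "ok"
    except TenantError:
        return "tenant_error"
    except LookupError:
        return "not_found"


if __name__ == "__main__":
    for host, sess, pid in [
        ("acme.example-saas.test", "acme", "p-1"),
        ("acme.example-saas.test", "acme", "p-2"),
        ("globex.example-saas.test", "acme", "p-2"),
        ("acme.example-saas.test.attacker.example", "acme", "p-1"),
    ]:
        print(host, sess, pid, "->", access_result(host, sess, pid))
```

The two checks are deliberately redundant: the session-to-host comparison stops a caller from pointing a valid session at a different subdomain, and the per-row tenant comparison catches any code path that reaches the data store without going through the first check.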