Security and Compliance

To protect your data, we have detailed, audited policies and procedures in place to guarantee the highest possible levels of security.

We assess and actively monitor both our physical site security and our IT infrastructure, and we operate a continuous improvement model so that our controls remain appropriate and your data stays safe and secure.

  • Physical Security

    Our servers are collocated in secure, carrier-class data center facilities in Virginia (US), California (US), Strasbourg (FR), and Falkenstein (DE) with 24-hour manned security, biometric access control, and video surveillance.

    Our data centers meet the industry’s highest security standards and are SAS-70 Type II and SysTrust certified.

  • Network Security

    Our network perimeter is protected by state-of-the-art firewalls and monitored by intrusion detection systems (IDS).

    We proactively analyze firewall and IDS logs to detect and prevent security threats.

    We employ nationally recognized third-party security firms to perform ongoing vulnerability assessments of our network infrastructure.

  • Server Security

    We safeguard our servers and systems using network address translation, port redirection, and other proprietary techniques.

    We achieve tight operating system-level security by using a minimal number of access points to all production servers.

    We protect all operating system accounts with strong passwords, and production servers do not share a master password database.

    We maintain all operating systems at each vendor’s recommended patch levels for security and further harden them using proprietary techniques.

  • Data Security

    We restrict access to our production databases to a very limited number of very carefully screened personnel.

    Our customers own all of their data. Our employees cannot access customer data without permission from the customer.

    We store all passwords and other sensitive data in our databases using strong one-way encryption.

  • Application Security

    Users can access Formelo only with a valid email and password, which are encrypted via SSL during transmission.

    We use an encrypted session ID for each user. We employ a strong, multi-layered application security model to prevent one customer from accessing another customer's data under any circumstances.

    Formelo uses end-to-end SSL (Secure Sockets Layer) encryption to encrypt all of your data during transmission.

    An account administrator designated by you is the only one who has the authority to manage your users’ login accounts.

  • Reliability

    We have configured all networking components, load balancers, and web/application servers in a redundant manner.

    All of our customer data is stored using a redundant database server cluster, and on carrier-class RAID disk storage.

    We employ geographically distributed, quadruple data backup. This includes real-time backups as well as nightly backups, including an automatic nightly backup to a primary tape library. Backup tapes are moved regularly to secure, fire-resistant, off-site storage.

    Our data center features fully redundant electrical generators, UPS, air conditioners, and other backup equipment designed to keep our servers continuously running.