SameGoal understands the importance of keeping your data secure. We use best-practice precautions and configurations followed by security conscious organizations. These security procedures are often unrivaled in the industry.
- All internal site traffic is encrypted over the internet, using state-of-the-art SSL encryption.
- Defensive domain name registration prevents users from entering data into similarly-named, potentially malicious other sites.
- SFTP (SSH File Transfer Protocol) or SIF is used for all integrations with third-party products. SFTP security measures include:
- Authentication via Public key only (no passwords).
- No shell access for users.
- SSH protocol version 2 connections only.
- A well respected utility named named "passwdqc" (PASSWorD Quality Control) is used to enforce strong password selection.
- This library is recommended by a number of security conscious organizations.
- Production servers are located in a secure Type II SSAE 16 SOC 1 Audit Certified data center.
- Backup servers are located in a secure Type II SSAE 16 SOC 1 Audit Certified data center.
- Data centers provide superior physical security for data, including 24x7 armed guards.
- Data centers provide redundant power and internet, preventing against intermittent technical issues.
- Production and backup servers are geographically dispersed to prevent data loss in case of a natural disaster.
- Data is backed up daily. Backups are automatic, monitored, and are transferred securely via SFTP to a remote site.
- Data centers provide night-time access to servers, allowing technical staff to perform maintenance as required during non-peak hours.
- Strict firewall.
- Minimum number of ports open.
- Hardened services behind open ports.
- Security updates are regularly applied.