Preserving the confidentiality and integrity of your information is one of Codemonkey.ai's highest priorities. This document summarizes the key measures we take in ensuring your data is always protected.
How is Codemonkey.ai protected?
Codemonkey.ai maintains a deep culture of security and utilizes an iterative approach in designing and improving security procedures and controls. We continuously analyze the effectiveness of our security policies to ensure we are providing optimal protection for our customers.
- Secure Connections: All connections to Codemonkey.ai are secured via SSL/TLS. Any attempt to connect over HTTP is redirected to HTTPS.
- Application Security: Codemonkey.ai utilizes secure development best practices that integrate security reviews throughout design, prototype and deployment.
- Customer Data Protection: All data is classified as confidential and treated as such. Inbound and outbound low-level logical firewalls ensure that data cannot be leaked between Codemonkey.ai networks. Sensitive production data is never migrated or used outside of the production network.
- Strict Separation Between Application and Data: Codemonkey.ai's web application servers are physically and logically separated from servers that store customer data.
- Hardened Operating System: Codemonkey.ai runs on hardened Linux servers. Externally exposed critical patches are addressed within 24 hours.
- Data Center Security: Codemonkey.ai's offsite SAS70 Type II data center provides 24/7/365 video surveillance, biometric and pin based locks, strict personnel access controls and detailed visitor entry logs.
- Internal and Third Party Testing: Codemonkey.ai routinely runs internal and external vulnerability scans and penetration tests. Third party firms are utilized to perform quarterly security reviews.
- Business Continuity: Codemonkey.ai customer data is backed up twice daily and protected with strong encryption on disk. Backups are transferred offsite over SSH and properly deleted after 6 months.