Support

Guides

Technical

Security

SameGoal understands the importance of keeping your data secure. We use best-practice precautions and configurations followed by security conscious organizations. These security procedures are often unrivaled in the industry.

Internet Traffic

  • All internal site traffic is encrypted over the internet, using state-of-the-art SSL encryption.
  • Defensive domain name registration prevents users from entering data into similarly-named, potentially malicious other sites.
  • SFTP (SSH File Transfer Protocol) or SIF is used for all integrations with third-party products. SFTP security measures include:
    • Authentication via Public key only (no passwords).
    • No shell access for users.
    • SSH protocol version 2 connections only.

Password Security

  • A well respected utility named named "passwdqc" (PASSWorD Quality Control) is used to enforce strong password selection.
  • This library is recommended by a number of security conscious organizations.

Hosting Facilities

  • Production servers are located in a secure Type II SSAE 16 SOC 1 Audit Certified data center.
  • Backup servers are located in a secure Type II SSAE 16 SOC 1 Audit Certified data center.
  • Data centers provide superior physical security for data, including 24x7 armed guards.

Reliability

  • Data centers provide redundant power and internet, preventing against intermittent technical issues.
  • Production and backup servers are geographically dispersed to prevent data loss in case of a natural disaster.
  • Data is backed up daily. Backups are automatic, monitored, and are transferred securely via SFTP to a remote site.
  • Data centers provide night-time access to servers, allowing technical staff to perform maintenance as required during non-peak hours.

Server Configuration

  • Strict firewall.
  • Minimum number of ports open.
  • Hardened services behind open ports.
  • Security updates are regularly applied.


0.03 seconds - © 2017 SameGoal, Inc.